inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-10-08 14:51:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged WEBAPP-API (5.2.1) to 5.2.N (5.2.1)

Browse Source 
136412 cpopa: APPSREPO-66: Capture and transmit permission changes to the client
      - Added AuthorityServicePolicies policies which are invoked when a group is deleted, an authority is added or removed from a group
      - Added PermissionServicePolicies policies which are invoked when a local permissions is granted/removed, permission inheritance is enabled/disabled


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@136420 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Constantin Popa
2017-04-25 14:03:02 +00:00
parent 3094a66ea5
commit ab81943a66
9 changed files with 524 additions and 107 deletions
Download Patch File Download Diff File Expand all files Collapse all files

104
source/java/org/alfresco/repo/security/authority/AuthorityServiceImpl.java
View File

@@ -25,32 +25,39 @@
*/
package org.alfresco.repo.security.authority;
import java.util.AbstractSet;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.TreeSet;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.query.PagingRequest;
import org.alfresco.query.PagingResults;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.permissions.PermissionServiceSPI;
import org.alfresco.repo.security.person.UserNameMatcher;
import org.alfresco.repo.tenant.TenantService;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.service.cmr.security.AuthorityService;
import org.alfresco.service.cmr.security.AuthorityType;
import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.util.Pair;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.extensions.surf.util.ParameterCheck;
import static org.alfresco.service.cmr.security.PermissionService.GROUP_PREFIX;
import java.util.AbstractSet;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.TreeSet;
import org.alfresco.model.ContentModel;
import org.alfresco.query.PagingRequest;
import org.alfresco.query.PagingResults;
import org.alfresco.repo.policy.ClassPolicyDelegate;
import org.alfresco.repo.policy.PolicyComponent;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.authority.AuthorityServicePolicies.OnAuthorityAddedToGroup;
import org.alfresco.repo.security.authority.AuthorityServicePolicies.OnAuthorityRemovedFromGroup;
import org.alfresco.repo.security.authority.AuthorityServicePolicies.OnGroupDeleted;
import org.alfresco.repo.security.permissions.PermissionServiceSPI;
import org.alfresco.repo.security.person.UserNameMatcher;
import org.alfresco.repo.tenant.TenantService;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.service.cmr.security.AuthorityService;
import org.alfresco.service.cmr.security.AuthorityType;
import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.util.Pair;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.extensions.surf.util.ParameterCheck;
/**
* The default implementation of the authority service.
@@ -78,7 +85,12 @@ public class AuthorityServiceImpl implements AuthorityService, InitializingBean
private Set<String> guestSet = Collections.singleton(PermissionService.GUEST_AUTHORITY);
private Set<String> allSet = Collections.singleton(PermissionService.ALL_AUTHORITIES);
private Set<String> adminGroups = Collections.emptySet();
private Set<String> guestGroups = Collections.emptySet();
private Set<String> guestGroups = Collections.emptySet();
private ClassPolicyDelegate<OnAuthorityAddedToGroup> onAuthorityAddedToGroups;
private ClassPolicyDelegate<OnAuthorityRemovedFromGroup> onAuthorityRemovedFromGroup;
private ClassPolicyDelegate<OnGroupDeleted> onGroupDeletedDelegate;
private PolicyComponent policyComponent;
public AuthorityServiceImpl()
{
@@ -123,6 +135,18 @@ public class AuthorityServiceImpl implements AuthorityService, InitializingBean
public void setGuestGroups(Set<String> guestGroups)
{
this.guestGroups = guestGroups;
}
public void setPolicyComponent(PolicyComponent policyComponent)
{
this.policyComponent = policyComponent;
}
public void init()
{
onAuthorityAddedToGroups = policyComponent.registerClassPolicy(AuthorityServicePolicies.OnAuthorityAddedToGroup.class);
onAuthorityRemovedFromGroup = policyComponent.registerClassPolicy(AuthorityServicePolicies.OnAuthorityRemovedFromGroup.class);
onGroupDeletedDelegate = policyComponent.registerClassPolicy(AuthorityServicePolicies.OnGroupDeleted.class);
}
@Override
@@ -460,7 +484,13 @@ public class AuthorityServiceImpl implements AuthorityService, InitializingBean
*/
public void addAuthority(Collection<String> parentNames, String childName)
{
authorityDAO.addAuthority(parentNames, childName);
authorityDAO.addAuthority(parentNames, childName);
OnAuthorityAddedToGroup policy = onAuthorityAddedToGroups.get(ContentModel.TYPE_AUTHORITY);
for (String parentGroup : parentNames)
{
policy.onAuthorityAddedToGroup(parentGroup, childName);
}
}
private boolean containsMatch(Set<String> names, String name)
@@ -537,7 +567,18 @@ public class AuthorityServiceImpl implements AuthorityService, InitializingBean
}
}
authorityDAO.deleteAuthority(name);
permissionServiceSPI.deletePermissions(name);
permissionServiceSPI.deletePermissions(name);
if (isGroup(type))
{
OnGroupDeleted onGroupDelete = onGroupDeletedDelegate.get(ContentModel.TYPE_AUTHORITY);
onGroupDelete.onGroupDeleted(name, cascade);
}
}
private boolean isGroup(AuthorityType authorityType)
{
return AuthorityType.GROUP == authorityType || AuthorityType.EVERYONE == authorityType;
}
/**
@@ -583,7 +624,10 @@ public class AuthorityServiceImpl implements AuthorityService, InitializingBean
@Override
public void removeAuthority(String parentName, String childName)
{
authorityDAO.removeAuthority(parentName, childName);
authorityDAO.removeAuthority(parentName, childName);
OnAuthorityRemovedFromGroup policy = onAuthorityRemovedFromGroup.get(ContentModel.TYPE_AUTHORITY);
policy.onAuthorityRemovedFromGroup(parentName, childName);
}
/**

87
source/java/org/alfresco/repo/security/authority/AuthorityServicePolicies.java Normal file
View File

@@ -0,0 +1,87 @@
/*
* #%L
* Alfresco Repository
* %%
* Copyright (C) 2005 - 2017 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.repo.security.authority;
import org.alfresco.repo.policy.ClassPolicy;
import org.alfresco.service.namespace.NamespaceService;
import org.alfresco.service.namespace.QName;
/**
* Policies for AuthorityService
*
* @author cpopa
*
*/
public interface AuthorityServicePolicies
{
/**
* Policy invoked when an authority is added to a group
*/
public interface OnAuthorityAddedToGroup extends ClassPolicy
{
public static final QName QNAME = QName.createQName(NamespaceService.ALFRESCO_URI, "onAuthorityAddedToGroup");
/**
* An authority is added in a group
*
* @param parentGroup the group into which the authority is added
* @param childAuthority the authority being added to the groups
*/
public void onAuthorityAddedToGroup(String parentGroup, String childAuthority);
}
/**
* Policy invoked when an authority is removed from a group
*/
public interface OnAuthorityRemovedFromGroup extends ClassPolicy
{
public static final QName QNAME = QName.createQName(NamespaceService.ALFRESCO_URI, "onAuthorityRemovedFromGroup");
/**
* An authority was removed from a group
*
* @param parentGroup the group from which the authority is removed
* @param childAuthority the authority being removed from the group
*/
public void onAuthorityRemovedFromGroup(String parentGroup, String childAuthority);
}
/**
* Policy invoked when a group is deleted
*/
public interface OnGroupDeleted extends ClassPolicy
{
public static final QName QNAME = QName.createQName(NamespaceService.ALFRESCO_URI, "onGroupDeleted");
/**
* A group has been deleted
*
* @param groupName the group being deleted
* @param cascade whether the deletion is cascaded to child authorities
*/
public void onGroupDeleted(String groupName, boolean cascade);
}
}