1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.exoplatform.wiki.mow.core.api.wiki;
18
19 import org.chromattic.api.ChromatticSession;
20 import org.exoplatform.services.jcr.access.AccessControlEntry;
21 import org.exoplatform.services.jcr.access.AccessControlList;
22 import org.exoplatform.services.jcr.core.ExtendedNode;
23 import org.exoplatform.services.log.ExoLogger;
24 import org.exoplatform.services.log.Log;
25 import org.exoplatform.services.security.ConversationState;
26 import org.exoplatform.services.security.Identity;
27 import org.exoplatform.services.security.IdentityConstants;
28 import org.exoplatform.wiki.WikiException;
29 import org.exoplatform.wiki.mow.api.PermissionType;
30 import org.exoplatform.wiki.mow.core.api.MOWService;
31 import org.exoplatform.wiki.utils.JCRUtils;
32
33 import javax.jcr.Node;
34 import javax.jcr.RepositoryException;
35 import java.util.ArrayList;
36 import java.util.Arrays;
37 import java.util.HashMap;
38 import java.util.List;
39
40 public class PermissionImpl {
41 private static final Log log = ExoLogger.getLogger(PermissionImpl.class);
42
43 protected MOWService mowService;
44
45 public void setMOWService(MOWService mowService) {
46 this.mowService = mowService;
47 }
48
49 public MOWService getMOWService() {
50 return mowService;
51 }
52
53 public HashMap<String, String[]> getPermission(String jcrPath) throws WikiException {
54 try {
55 ExtendedNode extendedNode = (ExtendedNode) getJCRNode(jcrPath);
56 HashMap<String, String[]> perm = new HashMap<>();
57 AccessControlList acl = extendedNode.getACL();
58 List<AccessControlEntry> aceList = acl.getPermissionEntries();
59 for (int i = 0, length = aceList.size(); i < length; i++) {
60 AccessControlEntry ace = aceList.get(i);
61 String[] nodeActions = perm.get(ace.getIdentity());
62 List<String> actions;
63 if (nodeActions != null) {
64 actions = new ArrayList<>(Arrays.asList(nodeActions));
65 } else {
66 actions = new ArrayList<>();
67 }
68 actions.add(ace.getPermission());
69 perm.put(ace.getIdentity(), actions.toArray(new String[actions.size()]));
70 }
71 return perm;
72 } catch (Exception e) {
73 throw new WikiException("Cannot get permissions of node " + jcrPath, e);
74 }
75 }
76
77 public boolean hasPermission(PermissionType permissionType, String jcrPath) {
78 ConversationState conversationState = ConversationState.getCurrent();
79 Identity user;
80 if (conversationState != null) {
81 user = conversationState.getIdentity();
82 } else {
83 user = new Identity(IdentityConstants.ANONIM);
84 }
85 return hasPermission(permissionType, jcrPath, user);
86 }
87
88 public boolean hasPermission(PermissionType permissionType, String jcrPath, Identity user) {
89
90 String[] permission = new String[] {};
91 if (PermissionType.VIEWPAGE.equals(permissionType) || PermissionType.VIEW_ATTACHMENT.equals(permissionType)) {
92 permission = new String[] { org.exoplatform.services.jcr.access.PermissionType.READ };
93 } else if (PermissionType.EDITPAGE.equals(permissionType) || PermissionType.EDIT_ATTACHMENT.equals(permissionType)) {
94 permission = new String[] { org.exoplatform.services.jcr.access.PermissionType.ADD_NODE,
95 org.exoplatform.services.jcr.access.PermissionType.REMOVE,
96 org.exoplatform.services.jcr.access.PermissionType.SET_PROPERTY };
97 }
98
99 try {
100
101 ExtendedNode extendedNode = (ExtendedNode) getJCRNode(jcrPath);
102 AccessControlList acl = extendedNode.getACL();
103
104 return JCRUtils.hasPermission(acl, permission, user);
105 } catch(RepositoryException e) {
106 log.error("Cannot check permissions of user " + user.getUserId() + " on node " + jcrPath
107 + " - Cause : " + e.getMessage(), e);
108 return false;
109 }
110 }
111
112 public void setPermission(HashMap<String, String[]> permissions, String jcrPath) throws WikiException {
113 getChromatticSession().save();
114 try {
115 ExtendedNode extendedNode = (ExtendedNode) getJCRNode(jcrPath);
116 if (extendedNode.canAddMixin("exo:privilegeable")) {
117 extendedNode.addMixin("exo:privilegeable");
118 }
119
120 if (permissions != null && permissions.size() > 0) {
121 extendedNode.setPermissions(permissions);
122 } else {
123 extendedNode.clearACL();
124 extendedNode.setPermission(IdentityConstants.ANY, org.exoplatform.services.jcr.access.PermissionType.ALL);
125 }
126 } catch(RepositoryException e) {
127 throw new WikiException("Cannot set permissions on node " + jcrPath, e);
128 }
129 }
130
131 protected ChromatticSession getChromatticSession() {
132 return mowService.getSession();
133 }
134
135 protected Node getJCRNode(String path) throws RepositoryException {
136 return (Node) getChromatticSession().getJCRSession().getItem(path);
137 }
138 }