Commit 0163e53a authored by Matija Obreza's avatar Matija Obreza
Browse files

Remove all ACL data when AclAwareModel is deleted

parent eb231064
......@@ -111,15 +111,15 @@ public class AclAssignerAspect {
// Remove permissions owned by SID
aclService.removePermissionsFor(aclSid);
// Remove permissions on SID
maybeRemovePermissions(aclSid);
maybeRemoveAclAwareModel(aclSid);
} else if (arg0 instanceof AclAwareModel) {
final AclAwareModel aclModel = (AclAwareModel) arg0;
maybeRemovePermissions(aclModel);
maybeRemoveAclAwareModel(aclModel);
} else if (arg0 instanceof Iterable) {
// Handle collections of AclAwareModel
final Iterable<?> i = (Iterable<?>) arg0;
for (final Object o : i) {
maybeRemovePermissions(o);
maybeRemoveAclAwareModel(o);
}
} else {
LOG.trace("{} is not instance of AclAwareModel", arg0);
......@@ -134,10 +134,10 @@ public class AclAssignerAspect {
*
* @param obj the obj
*/
private void maybeRemovePermissions(final Object obj) {
private void maybeRemoveAclAwareModel(final Object obj) {
if (obj instanceof AclAwareModel) {
LOG.debug("Removing ACL entries for model={}", obj);
aclService.removePermissions((AclAwareModel) obj);
aclService.removeAclAwareModel((AclAwareModel) obj);
} else {
LOG.trace("{} is not instance of AclAwareModel", obj);
}
......
......@@ -73,7 +73,7 @@ public interface CustomAclService {
*
* @param target the target
*/
void removePermissions(AclAwareModel target);
void removeAclAwareModel(AclAwareModel target);
/**
* Removes the all permissions of SID.
......
......@@ -156,17 +156,25 @@ public class CustomAclServiceImpl implements CustomAclService {
}
}
/**
* Remove ACL data for AclAwareModel: deletes {@link AclObjectIdentity} and
* associated {@link AclEntry} list. If target happens to be {@link AclSid},
* permissions granted to the SID are removed.
*/
@Override
@Transactional(propagation = Propagation.REQUIRED)
public void removePermissions(final AclAwareModel target) {
LOG.debug("Deleting all ACL entries for {}", target);
final AclObjectIdentity savedAclObjectIdentity = getObjectIdentity(target);
if (savedAclObjectIdentity != null) {
final List<AclEntry> aclEntries = aclEntryPersistence.findByObjectIdentity(savedAclObjectIdentity);
if (aclEntries != null) {
aclEntryPersistence.delete(aclEntries);
aclObjectIdentityPersistence.delete(savedAclObjectIdentity.getId());
public void removeAclAwareModel(final AclAwareModel target) {
LOG.debug("Deleting ACL data for {}", target);
if (target instanceof AclSid) {
LOG.info("Deleting permissions for {}", target);
removePermissionsFor((AclSid) target);
}
final AclObjectIdentity aclObjectIdentity = getObjectIdentity(target);
if (aclObjectIdentity != null) {
LOG.info("Deleting ACL data of {}", target);
aclObjectIdentityPersistence.delete(aclObjectIdentity.getId());
clearAclCache();
}
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment