Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
Genesys PGR
App Blocks
Commits
169882e2
Commit
169882e2
authored
Nov 26, 2019
by
Matija Obreza
Browse files
ACL: Setting parent ACL object
parent
ab6dc88b
Changes
3
Show whitespace changes
Inline
Side-by-side
security/src/main/java/org/genesys/blocks/security/model/BasicUser.java
View file @
169882e2
...
@@ -338,9 +338,6 @@ public abstract class BasicUser<R extends GrantedAuthority> extends AclSid imple
...
@@ -338,9 +338,6 @@ public abstract class BasicUser<R extends GrantedAuthority> extends AclSid imple
authorities
.
addAll
(
getRoles
().
stream
().
map
(
role
->
new
SimpleGrantedAuthority
(
role
.
getAuthority
())).
collect
(
Collectors
.
toSet
()));
authorities
.
addAll
(
getRoles
().
stream
().
map
(
role
->
new
SimpleGrantedAuthority
(
role
.
getAuthority
())).
collect
(
Collectors
.
toSet
()));
if
(
runtimeAuthorities
!=
null
)
{
if
(
runtimeAuthorities
!=
null
)
{
authorities
.
addAll
(
runtimeAuthorities
.
stream
().
map
(
SimpleGrantedAuthority:
:
new
).
collect
(
Collectors
.
toSet
()));
authorities
.
addAll
(
runtimeAuthorities
.
stream
().
map
(
SimpleGrantedAuthority:
:
new
).
collect
(
Collectors
.
toSet
()));
System
.
err
.
println
(
"User has extra runtime authorities: "
+
runtimeAuthorities
);
}
else
{
System
.
err
.
println
(
"User has no extra runtime authorities: "
+
runtimeAuthorities
);
}
}
return
authorities
;
return
authorities
;
}
}
...
...
security/src/main/java/org/genesys/blocks/security/service/CustomAclService.java
View file @
169882e2
...
@@ -104,6 +104,15 @@ public interface CustomAclService extends JsonSidConverter.SidProvider {
...
@@ -104,6 +104,15 @@ public interface CustomAclService extends JsonSidConverter.SidProvider {
*/
*/
AclObjectIdentity
updateParentObject
(
long
objectIdIdentity
,
long
parentObjectId
);
AclObjectIdentity
updateParentObject
(
long
objectIdIdentity
,
long
parentObjectId
);
/**
* Set ACL parent object for inherited permissions
*
* @param target the target ACL object on which to change ACL
* @param parent the parent ACL object
* @return
*/
AclObjectIdentity
setAclParent
(
AclAwareModel
target
,
AclAwareModel
parent
);
/**
/**
* Removes the permissions on ACL model.
* Removes the permissions on ACL model.
*
*
...
...
security/src/main/java/org/genesys/blocks/security/service/impl/CustomAclServiceImpl.java
View file @
169882e2
...
@@ -257,6 +257,15 @@ public class CustomAclServiceImpl implements CustomAclService {
...
@@ -257,6 +257,15 @@ public class CustomAclServiceImpl implements CustomAclService {
}
}
}
}
@Override
@PreAuthorize
(
"hasRole('ADMINISTRATOR')"
)
public
AclObjectIdentity
setAclParent
(
AclAwareModel
target
,
AclAwareModel
parent
)
{
final
AclObjectIdentity
objectIdentity
=
getObjectIdentity
(
target
);
final
AclObjectIdentity
parentIdentity
=
parent
==
null
?
null
:
getObjectIdentity
(
parent
);
return
updateAclParentObject
(
objectIdentity
,
parentIdentity
);
}
@Override
@Override
@PreAuthorize
(
"hasRole('ADMINISTRATOR')"
)
@PreAuthorize
(
"hasRole('ADMINISTRATOR')"
)
public
AclObjectIdentity
updateParentObject
(
final
long
objectIdIdentity
,
final
long
parentObjectId
)
{
public
AclObjectIdentity
updateParentObject
(
final
long
objectIdIdentity
,
final
long
parentObjectId
)
{
...
@@ -266,15 +275,21 @@ public class CustomAclServiceImpl implements CustomAclService {
...
@@ -266,15 +275,21 @@ public class CustomAclServiceImpl implements CustomAclService {
return
null
;
return
null
;
}
}
final
AclObjectIdentity
parent
Object
=
aclObjectIdentityPersistence
.
findOne
(
parentObjectId
);
final
AclObjectIdentity
parent
Identity
=
aclObjectIdentityPersistence
.
findOne
(
parentObjectId
);
if
(
parent
Object
==
null
)
{
if
(
parent
Identity
==
null
)
{
LOG
.
warn
(
"ACL object identity not found by id={}"
,
objectIdIdentity
);
LOG
.
warn
(
"ACL object identity not found by id={}"
,
objectIdIdentity
);
return
null
;
return
null
;
}
}
return
updateAclParentObject
(
objectIdentity
,
parentIdentity
);
}
private
AclObjectIdentity
updateAclParentObject
(
final
AclObjectIdentity
objectIdentity
,
final
AclObjectIdentity
parentObject
)
{
try
{
try
{
LOG
.
trace
(
"Updating ACL parent to {}"
,
parentObject
);
LOG
.
trace
(
"Updating ACL parent to {}"
,
parentObject
);
objectIdentity
.
setParentObject
(
parentObject
);
objectIdentity
.
setParentObject
(
parentObject
);
objectIdentity
.
setEntriesInheriting
(
parentObject
!=
null
);
return
aclObjectIdentityPersistence
.
save
(
objectIdentity
);
return
aclObjectIdentityPersistence
.
save
(
objectIdentity
);
}
finally
{
}
finally
{
clearAclCache
();
clearAclCache
();
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment