Commit 6e05a83d authored by Matija Obreza's avatar Matija Obreza

Create or update permissions for specified SID

- Original code used authentication from the security context
parent 90dc2f6e
......@@ -18,7 +18,6 @@ package org.genesys.blocks.security.service;
import java.util.ArrayList;
import java.util.List;
import org.genesys.blocks.util.JsonSidConverter;
import org.genesys.blocks.security.model.AclAwareModel;
import org.genesys.blocks.security.model.AclClass;
import org.genesys.blocks.security.model.AclEntry;
......@@ -27,6 +26,7 @@ import org.genesys.blocks.security.model.AclSid;
import org.genesys.blocks.security.serialization.AclEntriesToPermissions;
import org.genesys.blocks.security.serialization.Permissions;
import org.genesys.blocks.security.serialization.SidPermissions;
import org.genesys.blocks.util.JsonSidConverter;
import org.springframework.security.acls.model.Permission;
import com.fasterxml.jackson.annotation.JsonUnwrapped;
......@@ -91,6 +91,14 @@ public interface CustomAclService extends JsonSidConverter.SidProvider {
*/
void createOrUpdatePermissions(AclAwareModel entity);
/**
* Adds the creator permissions or updates permission inheritance.
* @param target the ACL entity
* @param ownerSid Owner
*/
void createOrUpdatePermissions(AclAwareModel target, AclSid ownerSid);
/**
* Updates inheriting status of object identity.
*
......
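Review bot: The Javadoc on the new `createOrUpdatePermissions(AclAwareModel target, AclSid ownerSid)` overload does not say what a `null` `ownerSid` means, nor that the owner is now chosen by the caller instead of being read from the security context. The implementation hunks further down this page appear to log a warning and skip creator permissions when the SID is `null`, so the contract should say so. Suggested wording: `@param ownerSid SID to record as owner and to grant creator permissions to; if {@code null}, no creator permissions are assigned`. I would also add one sentence stating that the SID is used as given and that callers are responsible for authorising the choice of owner.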
......@@ -143,10 +143,10 @@ public class CustomAclServiceImpl implements CustomAclService {
return authoritySid;
}
@Override
@Transactional(propagation = Propagation.REQUIRED)
public void createOrUpdatePermissions(final AclAwareModel target) {
public void createOrUpdatePermissions(final AclAwareModel target, AclSid ownerSid) {
if (target == null || (target.getId() <= 0l && !(target instanceof ClassAclOid<?>))) {
LOG.warn("No target specified for ACL permissions, bailing out!");
return;
......@@ -165,7 +165,6 @@ public class CustomAclServiceImpl implements CustomAclService {
if (objectIdentity == null) {
objectIdentity = new AclObjectIdentity();
final AclSid ownerSid = SecurityContextUtil.getCurrentUser();
if (ownerSid == null) {
LOG.warn("No SID in security context, not assigning creator permissions");
} else if (ownerSid.isNew()) {
......@@ -201,7 +200,6 @@ public class CustomAclServiceImpl implements CustomAclService {
LOG.debug("Updating ACL parent object for class={} id={}", target.getClass().getName(), target.getId());
if (objectIdentity.getOwnerSid() == null) {
final AclSid ownerSid = SecurityContextUtil.getCurrentUser();
if (ownerSid != null && ! ownerSid.isNew()) {
objectIdentity.setOwnerSid(ownerSid);
......@@ -235,6 +233,18 @@ public class CustomAclServiceImpl implements CustomAclService {
clearAclCache();
}
@Override
@Transactional(propagation = Propagation.REQUIRED)
public void createOrUpdatePermissions(final AclAwareModel target) {
if (target == null || (target.getId() <= 0l && !(target instanceof ClassAclOid<?>))) {
LOG.warn("No target specified for ACL permissions, bailing out!");
return;
}
final AclSid ownerSid = SecurityContextUtil.getCurrentUser();
createOrUpdatePermissions(target, ownerSid);
}
@Override
@PreAuthorize("hasRole('ADMINISTRATOR')")
public AclObjectIdentity updateInheriting(final long objectIdIdentity, final boolean entriesInheriting) {
......
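Review bot: The new two-argument `createOrUpdatePermissions` records whatever `ownerSid` the caller passes as the ACL owner, yet its only visible annotations are `@Override` and `@Transactional`, whereas the neighbouring `updateInheriting` carries `@PreAuthorize("hasRole('ADMINISTRATOR')")`. If this overload can be reached with a SID derived from request data, ownership could be assigned to an arbitrary SID; that depends on callers outside this page, so either restrict the method or document that only trusted internal code may call it. Separately, the retained message `"No SID in security context, not assigning creator permissions"` is now misleading on the two-argument path, because the SID no longer comes from the security context; `LOG.warn("No owner SID provided, not assigning creator permissions");` would keep the logs accurate. The parameter could also be declared `final AclSid ownerSid` to match `final AclAwareModel target`. The method body continues outside the hunks shown.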