Extend ACL service

- clear ACL cache

Extend ACL service
- clear ACL cache
f5163f3f · Maxym Borodenko · Matija Obreza · a05c6557 · f5163f3f · f5163f3f
Commit f5163f3f authored Nov 12, 2018 by Maxym Borodenko Committed by Matija Obreza Nov 12, 2018
2 changed files
--- a/security/src/main/java/org/genesys/blocks/security/service/CustomAclService.java
+++ b/security/src/main/java/org/genesys/blocks/security/service/CustomAclService.java
@@ -69,6 +69,22 @@ public interface CustomAclService {
 	 */
 	void createOrUpdatePermissions(AclAwareModel entity);

+	/**
+	 * Updates inheriting status of object identity
+	 *
+	 * @param objectIdIdentity the id of object identity
+	 * @param entriesInheriting the inheriting status
+	 */
+	AclObjectIdentity updateInheriting(long objectIdIdentity, boolean entriesInheriting);
+
+	/**
+	 * Updates parent object of object identity
+	 *
+	 * @param objectIdIdentity the id of object identity
+	 * @param parentObjectId the id of parent object identity
+	 */
+	AclObjectIdentity updateParentObject(long objectIdIdentity, long parentObjectId);
+
 	/**
 	 * Removes the permissions on ACL model.
 	 *

--- a/security/src/main/java/org/genesys/blocks/security/service/impl/CustomAclServiceImpl.java
+++ b/security/src/main/java/org/genesys/blocks/security/service/impl/CustomAclServiceImpl.java
@@ -184,6 +184,52 @@ public class CustomAclServiceImpl implements CustomAclService {
 		}
 	}

+	@Override
+	@PreAuthorize("hasRole('ADMINISTRATOR')")
+	public AclObjectIdentity updateInheriting(final long objectIdIdentity, final boolean entriesInheriting) {
+		final AclObjectIdentity objectIdentity = aclObjectIdentityPersistence.findOne(objectIdIdentity);
+		if (objectIdentity == null) {
+			LOG.warn("ACL object identity not found by id={}", objectIdIdentity);
+			return null;
+		}
+
+		if (objectIdentity.isEntriesInheriting() == entriesInheriting) {
+			return objectIdentity;
+		} else {
+			try {
+				LOG.info("Updating inheriting status for OID={} to {}", objectIdentity, entriesInheriting);
+				objectIdentity.setEntriesInheriting(entriesInheriting);
+				return aclObjectIdentityPersistence.save(objectIdentity);
+			} finally {
+				clearAclCache();
+			}
+		}
+	}
+
+	@Override
+	@PreAuthorize("hasRole('ADMINISTRATOR')")
+	public AclObjectIdentity updateParentObject(final long objectIdIdentity, final long parentObjectId) {
+		final AclObjectIdentity objectIdentity = aclObjectIdentityPersistence.findOne(objectIdIdentity);
+		if (objectIdentity == null) {
+			LOG.warn("ACL object identity not found by id={}", objectIdIdentity);
+			return null;
+		}
+
+		final AclObjectIdentity parentObject = aclObjectIdentityPersistence.findOne(parentObjectId);
+		if (parentObject == null) {
+			LOG.warn("ACL object identity not found by id={}", objectIdIdentity);
+			return null;
+		}
+
+		try {
+			LOG.trace("Updating ACL parent to {}", parentObject);
+			objectIdentity.setParentObject(parentObject);
+			return aclObjectIdentityPersistence.save(objectIdentity);
+		} finally {
+			clearAclCache();
+		}
+	}
+
 	/**
 	 * Remove ACL data for AclAwareModel: deletes {@link AclObjectIdentity} and
 	 * associated {@link AclEntry} list. If target happens to be {@link AclSid},