当前位置: 首页>>代码示例>>Java>>正文


Java AccessStatus.ALLOWED属性代码示例

本文整理汇总了Java中org.alfresco.service.cmr.security.AccessStatus.ALLOWED属性的典型用法代码示例。如果您正苦于以下问题:Java AccessStatus.ALLOWED属性的具体用法?Java AccessStatus.ALLOWED怎么用?Java AccessStatus.ALLOWED使用的例子?那么恭喜您, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在org.alfresco.service.cmr.security.AccessStatus的用法示例。


在下文中一共展示了AccessStatus.ALLOWED属性的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: ownerRead

protected AccessStatus ownerRead(String username, NodeRef nodeRef)
{
    // Reviewed the behaviour of deny and ownership with Mike F
    // ATM ownership takes precendence over READ deny
    // TODO: check that global owner rights are set
    
    AccessStatus result = AccessStatus.DENIED;

    String owner = ownableService.getOwner(nodeRef);
    if(owner == null)
    {
        // TODO node may not have auditable aspect and hence creator property
        result = AccessStatus.DENIED;
    }

    // is the user the owner of the node?
    if(EqualsHelper.nullSafeEquals(username, owner))
    {
        // ROLE_OWNER authority has FULL_CONTROL in permissionDefinitions
        // so we don't need to check node requirements    		
        return AccessStatus.ALLOWED;
    }

    return result;
}
 
开发者ID:Alfresco,项目名称:alfresco-repository,代码行数:25,代码来源:PermissionServiceImpl.java

示例2: toString

/**
 * Override Object.toString() to provide useful debug output
 */
public String toString()
{
    if (this.nodeService.exists(nodeRef))
    {
        if (this.services.getPermissionService().hasPermission(nodeRef, PermissionService.READ_PROPERTIES) == AccessStatus.ALLOWED)
        {
            // TODO: DC: Allow debug output of property values - for now it's disabled as this could potentially
            // follow a large network of nodes.
            return "Node Type: " + getType() + ", Node Aspects: " + getAspectsSet().toString();
        }
        else
        {
            return "Access denied to node " + nodeRef;
        }

    }
    else
    {
        return "Node no longer exists: " + nodeRef;
    }
}
 
开发者ID:Alfresco,项目名称:alfresco-repository,代码行数:24,代码来源:ScriptNode.java

示例3: hasVirtualNodePermission

public AccessStatus hasVirtualNodePermission(String permission, boolean readonly)
{
    if (readonly)
    {
        if (denyReadonlySmartNodesFull.contains(permission) || denyReadonlySmartNodes.contains(permission))
        {
            return AccessStatus.DENIED;
        }
    }

    if (denySmartNodesFull.contains(permission) || denySmartNodes.contains(permission))
    {
        return AccessStatus.DENIED;
    }
    else if (allowSmartNodesFull.contains(permission) || allowSmartNodes.contains(permission))
    {
        return AccessStatus.ALLOWED;
    }
    else
    {
        return AccessStatus.UNDETERMINED;
    }
}
 
开发者ID:Alfresco,项目名称:alfresco-repository,代码行数:23,代码来源:VirtualUserPermissions.java

示例4: getRulesForNode

private List<Rule> getRulesForNode(NodeRef nodeRef)
{
        // Extra check of CONSUMER permission was added to rule selection,
        // to prevent Access Denied Exception due to the bug:
        // https://issues.alfresco.com/browse/ETWOTWO-438
        
    if (!runtimeNodeService.hasAspect(nodeRef, RuleModel.ASPECT_RULES) ||
        permissionService.hasPermission(nodeRef, PermissionService.READ) != AccessStatus.ALLOWED)
    {
        // Doesn't have the aspect or the user doesn't have access
        return Collections.emptyList();
    }
    List<Rule> nodeRules = nodeRulesCache.get(nodeRef);
    if (nodeRules != null)
    {
        // We have already processed this node
        return nodeRules;
    }
    // Not in the cache, so go and get the rules
    nodeRules = new ArrayList<Rule>();
    NodeRef ruleFolder = getSavedRuleFolderRef(nodeRef);
    if (ruleFolder != null)
    {
        // Get the rules for this node
        List<ChildAssociationRef> ruleChildAssocRefs = 
            this.runtimeNodeService.getChildAssocs(ruleFolder, RegexQNamePattern.MATCH_ALL, ASSOC_NAME_RULES_REGEX);
        for (ChildAssociationRef ruleChildAssocRef : ruleChildAssocRefs)
        {
            // Create the rule and add to the list
            NodeRef ruleNodeRef = ruleChildAssocRef.getChildRef();
            Rule rule = getRule(ruleNodeRef);
            nodeRules.add(rule);
        }
    }
    // Store this in the cache for later re-use
    nodeRulesCache.put(nodeRef, nodeRules);
    // Done
    return nodeRules;
}
 
开发者ID:Alfresco,项目名称:alfresco-repository,代码行数:39,代码来源:RuleServiceImpl.java

示例5: pre

public AccessStatus pre(Object object)
{
    ConfigAttributeDefinition attr = this.obtainObjectDefinitionSource().getAttributes(object);
    if (this.getAccessDecisionManager() instanceof AffirmativeBasedAccessDecisionManger)
    {
        return ((AffirmativeBasedAccessDecisionManger)getAccessDecisionManager()).pre(object, attr); 
    }
    else
    {
        return AccessStatus.ALLOWED;
    }
}
 
开发者ID:Alfresco,项目名称:alfresco-repository,代码行数:12,代码来源:MethodSecurityInterceptor.java

示例6: canUserEditPost

/**
 * Is the current user allowed to edit this post?
 * In order to be deemed allowed, you first need write
 *  permissions on the underlying node of the post.
 * You then also need to either be the cm:creator of
 *  the post node, or a site manager
 */
protected boolean canUserEditPost(PostInfo post, SiteInfo site)
{
   // Are they OK on the node?
   AccessStatus canEdit = permissionService.hasPermission(post.getNodeRef(), PermissionService.WRITE); 
   if (canEdit == AccessStatus.ALLOWED)
   {
      // Only the creator and site managers may edit
      String user = AuthenticationUtil.getFullyAuthenticatedUser();
      if (post.getCreator().equals(user))
      {
         // It's their post
         return true;
      }
      if (site != null)
      {
         String role = siteService.getMembersRole(site.getShortName(), user);
         if (SiteServiceImpl.SITE_MANAGER.equals(role))
         {
            // Managers may edit
            return true;
         }
      }
   }
   
   // If in doubt, you may not edit
   return false;
}
 
开发者ID:Alfresco,项目名称:alfresco-remote-api,代码行数:34,代码来源:AbstractDiscussionWebScript.java

示例7: canEditPermission

private boolean canEditPermission(NodeRef commentNodeRef)
{
    String creator = (String)nodeService.getProperty(commentNodeRef, ContentModel.PROP_CREATOR);
    Serializable owner = nodeService.getProperty(commentNodeRef, ContentModel.PROP_OWNER);
    String currentUser = AuthenticationUtil.getFullyAuthenticatedUser();

    boolean isSiteManager = permissionService.hasPermission(commentNodeRef, SiteModel.SITE_MANAGER) == (AccessStatus.ALLOWED);
    boolean isCoordinator = permissionService.hasPermission(commentNodeRef, PermissionService.COORDINATOR) == (AccessStatus.ALLOWED);
    return (isSiteManager || isCoordinator || currentUser.equals(creator) || currentUser.equals(owner));
}
 
开发者ID:Alfresco,项目名称:alfresco-repository,代码行数:10,代码来源:CommentServiceImpl.java

示例8: canAddMember

/**
 * @see org.alfresco.service.cmr.site.SiteService#canAddMember(java.lang.String,
 *      java.lang.String, java.lang.String)
 */
public boolean canAddMember(final String shortName, final String authorityName, final String role)
{
    final NodeRef siteNodeRef = getSiteNodeRef(shortName);
    if (siteNodeRef == null)
    {
        throw new SiteDoesNotExistException(shortName);
    }

    // Get the user's current role
    final String currentRole = getMembersRole(shortName, authorityName);

    // Get the visibility of the site
    SiteVisibility visibility = getSiteVisibility(siteNodeRef);

    // If we are ...
    // -- the current user has change permissions rights on the site
    // or we are ...
    // -- referring to a public site and
    // -- the role being set is consumer and
    // -- the user being added is ourselves and
    // -- the member does not already have permissions
    // ... then we can set the permissions as system user
    final String currentUserName = AuthenticationUtil.getFullyAuthenticatedUser();
    return ((permissionService.hasPermission(siteNodeRef, PermissionService.CHANGE_PERMISSIONS) == AccessStatus.ALLOWED)
                || isSiteAdmin(currentUserName) || (SiteVisibility.PUBLIC.equals(visibility)
                && role.equals(SiteModel.SITE_CONSUMER) && authorityName.equals(currentUserName) && currentRole == null));
}
 
开发者ID:Alfresco,项目名称:alfresco-repository,代码行数:31,代码来源:SiteServiceImpl.java

示例9: getSiteName

private String getSiteName(NodeRef nodeRef)
{
    NodeRef parent = nodeService.getPrimaryParent(nodeRef).getParentRef();

    while (parent != null && !nodeService.getType(parent).equals(SiteModel.TYPE_SITE))
    {
        // check that we can read parent name
        if (permissionService.hasReadPermission(parent) == AccessStatus.ALLOWED)
        {
            String parentName = (String) nodeService.getProperty(parent,ContentModel.PROP_NAME);
        }
        else
        {
            return null;
        }

        if (nodeService.getPrimaryParent(nodeRef) != null)
        {
            parent = nodeService.getPrimaryParent(parent).getParentRef();
        }
    }
    if (parent == null)
    {
        return null;
    }

    return nodeService.getProperty(parent, ContentModel.PROP_NAME).toString();
}
 
开发者ID:Alfresco,项目名称:alfresco-repository,代码行数:28,代码来源:QuickShareServiceImpl.java

示例10: removeAllRules

@Override
public void removeAllRules(NodeRef nodeRef)
{
    checkForLinkedRules(nodeRef);
    
    if (this.permissionService.hasPermission(nodeRef, PermissionService.CHANGE_PERMISSIONS) == AccessStatus.ALLOWED)
    {
        if (this.nodeService.exists(nodeRef) == true && 
            this.nodeService.hasAspect(nodeRef, RuleModel.ASPECT_RULES) == true)
        {
            NodeRef folder = getSavedRuleFolderRef(nodeRef);
            if (folder != null)
            {
                List<ChildAssociationRef> ruleChildAssocs = this.nodeService.getChildAssocs(
                                                                            folder, 
                                                                            RegexQNamePattern.MATCH_ALL, ASSOC_NAME_RULES_REGEX);
                for (ChildAssociationRef ruleChildAssoc : ruleChildAssocs)
                {
                    this.nodeService.removeChild(folder, ruleChildAssoc.getChildRef());
                }
            }
            
            // As this was the last rule on the node, remove the aspect
            this.nodeService.removeAspect(nodeRef, RuleModel.ASPECT_RULES);
        }
        // Drop the rules from the cache
        nodeRulesCache.remove(nodeRef);
    }
    else
    {
        throw new RuleServiceException("Insufficient permissions to remove a rule.");
    }
}
 
开发者ID:Alfresco,项目名称:alfresco-repository,代码行数:33,代码来源:RuleServiceImpl.java

示例11: createContainer

/**
 * Creates a new site container
 * 
 * @param componentId   component id
 * @param folderType    folder type to create
 * @return ScriptNode   the created container
 */
public ScriptNode createContainer(final String componentId, final String folderType, final Object permissions)
{
    final NodeRef containerNodeRef = this.createContainerImpl(componentId, folderType, permissions);
    if (Site.this.serviceRegistry.getPermissionService().hasPermission(containerNodeRef, PermissionService.READ_PROPERTIES) == AccessStatus.ALLOWED) 
    {
        return getContainer(componentId); 
    }
    else
    {
        // current user has no access.
        return null;
    }          
}
 
开发者ID:Alfresco,项目名称:alfresco-repository,代码行数:20,代码来源:Site.java

示例12: toJSONObject

/**
 * Convert a node reference to a JSON object.  Selects the correct converter based on selection
 * implementation.
 */
@SuppressWarnings("unchecked")
public JSONObject toJSONObject(final NodeRef nodeRef, final boolean useShortQNames)
{
    final JSONObject json = new JSONObject();
    
    if (this.nodeService.exists(nodeRef))
    {
        if (publicServiceAccessService.hasAccess(ServiceRegistry.NODE_SERVICE.getLocalName(), "getProperties", nodeRef) == AccessStatus.ALLOWED)
        {
            // init namespace prefix cache
            namespacePrefixCache.get().clear();
            
            // Get node info
            FileInfo nodeInfo = this.fileFolderService.getFileInfo(nodeRef);
            
            // Set root values
            setRootValues(nodeInfo, json, useShortQNames);                                       
            
            // add permissions
            json.put("permissions", permissionsToJSON(nodeRef));
            
            // add properties
            json.put("properties", propertiesToJSON(nodeRef, nodeInfo.getProperties(), useShortQNames));
            
            // add aspects
            json.put("aspects", apsectsToJSON(nodeRef, useShortQNames));
        }
    }    
    
    return json;
}
 
开发者ID:Alfresco,项目名称:alfresco-repository,代码行数:35,代码来源:JSONConversionComponent.java

示例13: personExists

/**
 * {@inheritDoc}
 */
public boolean personExists(String caseSensitiveUserName)
{
    NodeRef person = getPersonOrNullImpl(caseSensitiveUserName); 
    if (person != null)
    {
        // re: THOR-293
        return permissionServiceSPI.hasPermission(person, PermissionService.READ) == AccessStatus.ALLOWED;
    }
    return false;
}
 
开发者ID:Alfresco,项目名称:alfresco-repository,代码行数:13,代码来源:PersonServiceImpl.java

示例14: pre

public AccessStatus pre(Object object, ConfigAttributeDefinition attr)
{
    Iterator iter = this.getDecisionVoters().iterator();
    int deny = 0;

    while (iter.hasNext())
    {
        AccessDecisionVoter voter = (AccessDecisionVoter) iter.next();
        int result = voter.vote(AuthenticationUtil.getFullAuthentication(), object, attr);

        switch (result)
        {
        case AccessDecisionVoter.ACCESS_GRANTED:
            return AccessStatus.ALLOWED;

        case AccessDecisionVoter.ACCESS_DENIED:
            deny++;

            break;

        default:
            break;
        }
    }

    if (deny > 0)
    {
        return AccessStatus.DENIED;
    }

    // To get this far, every AccessDecisionVoter abstained
    if (this.isAllowIfAllAbstainDecisions())
    {
        return AccessStatus.ALLOWED;
    }
    else
    {
        return AccessStatus.DENIED;
    }

}
 
开发者ID:Alfresco,项目名称:alfresco-repository,代码行数:41,代码来源:AffirmativeBasedAccessDecisionManger.java

示例15: removeRule

@Override
public void removeRule(NodeRef nodeRef, Rule rule)
{
    checkForLinkedRules(nodeRef);
    
    if (this.permissionService.hasPermission(nodeRef, PermissionService.CHANGE_PERMISSIONS) == AccessStatus.ALLOWED)
    {
        if (this.nodeService.exists(nodeRef) == true &&
            this.nodeService.hasAspect(nodeRef, RuleModel.ASPECT_RULES) == true)
        {
            disableRules(nodeRef);
            try
            {
                NodeRef ruleNodeRef = rule.getNodeRef();
                if (ruleNodeRef != null)
                {
                    this.nodeService.removeChild(getSavedRuleFolderRef(nodeRef), ruleNodeRef);
                }
            }
            finally
            {
                enableRules(nodeRef);
            }
            
            // If this was the last rule on the node, remove the aspect
            if(countRules(nodeRef) == 0)
            {
                // Since this is the last rule, unlink any linked rulesets
                List<NodeRef> linkedFrom = getLinkedFromRuleNodes(nodeRef);
                if (linkedFrom.isEmpty() == false)
                {
                    for (NodeRef linkedFromNodeRef : linkedFrom)
                    {
                        NodeRef ruleFolder = getSavedRuleFolderAssoc(nodeRef).getChildRef();
                        nodeService.removeChild(linkedFromNodeRef, ruleFolder);
                        nodeService.removeAspect(linkedFromNodeRef, RuleModel.ASPECT_RULES);                            
                    }
                }
                
                this.nodeService.removeAspect(nodeRef, RuleModel.ASPECT_RULES);
            }
        }
        // Drop the rules from the cache
        nodeRulesCache.remove(nodeRef);
    }
    else
    {
        throw new RuleServiceException("Insufficient permissions to remove a rule.");
    }
}
 
开发者ID:Alfresco,项目名称:alfresco-repository,代码行数:50,代码来源:RuleServiceImpl.java


注:本文中的org.alfresco.service.cmr.security.AccessStatus.ALLOWED属性示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。