本文整理汇总了Java中org.alfresco.service.cmr.security.AccessStatus.DENIED属性的典型用法代码示例。如果您正苦于以下问题:Java AccessStatus.DENIED属性的具体用法?Java AccessStatus.DENIED怎么用?Java AccessStatus.DENIED使用的例子?那么恭喜您, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类org.alfresco.service.cmr.security.AccessStatus
的用法示例。
在下文中一共展示了AccessStatus.DENIED属性的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: compareTo
public int compareTo(AccessControlEntry other)
{
int diff = this.getPosition() - other.getPosition();
if(diff == 0)
{
diff = (this.getAccessStatus()== AccessStatus.DENIED ? 0 : 1) - (other.getAccessStatus()== AccessStatus.DENIED ? 0 : 1);
if(diff == 0)
{
return getAuthorityType().getOrderPosition() - other.getAuthorityType().getOrderPosition();
}
else
{
return diff;
}
}
else
{
return diff;
}
}
示例2: ownerRead
protected AccessStatus ownerRead(String username, NodeRef nodeRef)
{
// Reviewed the behaviour of deny and ownership with Mike F
// ATM ownership takes precendence over READ deny
// TODO: check that global owner rights are set
AccessStatus result = AccessStatus.DENIED;
String owner = ownableService.getOwner(nodeRef);
if(owner == null)
{
// TODO node may not have auditable aspect and hence creator property
result = AccessStatus.DENIED;
}
// is the user the owner of the node?
if(EqualsHelper.nullSafeEquals(username, owner))
{
// ROLE_OWNER authority has FULL_CONTROL in permissionDefinitions
// so we don't need to check node requirements
return AccessStatus.ALLOWED;
}
return result;
}
示例3: execute
@Override
public AccessStatus execute(VirtualProtocol virtualProtocol, Reference reference) throws ProtocolMethodException
{
VirtualFolderDefinition definition = resolver.resolveVirtualFolderDefinition(reference);
FilingRule filingRule = definition.getFilingRule();
boolean readonly = filingRule.isNullFilingRule()
|| filingRule.filingNodeRefFor(new FilingParameters(reference)) == null;
if (readonly)
{
Set<String> deniedPermissions = userPermissions.getDenyReadonlySmartNodes();
if (deniedPermissions.contains(permissionToCheck))
{
return AccessStatus.DENIED;
}
if (PermissionService.READ.equals(permissionToCheck))
{
return AccessStatus.ALLOWED;
}
}
return userPermissions.hasVirtualNodePermission(permissionToCheck,
readonly);
}
示例4: hasVirtualNodePermission
public AccessStatus hasVirtualNodePermission(String permission, boolean readonly)
{
if (readonly)
{
if (denyReadonlySmartNodesFull.contains(permission) || denyReadonlySmartNodes.contains(permission))
{
return AccessStatus.DENIED;
}
}
if (denySmartNodesFull.contains(permission) || denySmartNodes.contains(permission))
{
return AccessStatus.DENIED;
}
else if (allowSmartNodesFull.contains(permission) || allowSmartNodes.contains(permission))
{
return AccessStatus.ALLOWED;
}
else
{
return AccessStatus.UNDETERMINED;
}
}
示例5: getSortedACLs
/**
* @return Sorted list of <code>AccessPermission</code> based on <code>CMISConnector.AccessPermissionComparator</code>
* and <code>AccessStatus</code> of the permission for an authority.
*/
public static List<AccessPermission> getSortedACLs(Set<AccessPermission> acls)
{
ArrayList<AccessPermission> ordered = new ArrayList<AccessPermission>(acls);
Map<String, AccessPermission> deDuplicatedPermissions = new HashMap<String, AccessPermission>(acls.size());
Collections.sort(ordered, new CMISConnector.AccessPermissionComparator());
for (AccessPermission current : ordered)
{
String composedKey = current.getAuthority() + current.getPermission();
if (current.getAccessStatus() == AccessStatus.ALLOWED)
{
deDuplicatedPermissions.put(composedKey, current);
}
else if (current.getAccessStatus() == AccessStatus.DENIED)
{
deDuplicatedPermissions.remove(composedKey);
}
}
return new ArrayList<AccessPermission>(deDuplicatedPermissions.values());
}
示例6: setUp
@Override
public void setUp() throws Exception
{
super.setUp();
denyAndyAll = new SimplePermissionEntry(rootNodeRef, permissionService.getAllPermissionReference(), "andy", AccessStatus.DENIED);
allowAndyAll = new SimplePermissionEntry(rootNodeRef, permissionService.getAllPermissionReference(), "andy", AccessStatus.ALLOWED);
denyAndyRead = new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), "andy", AccessStatus.DENIED);
allowAndyRead = new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), "andy", AccessStatus.ALLOWED);
denyAndyReadProperties = new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.DENIED);
allowAndyReadProperties = new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.ALLOWED);
allowAndyReadChildren = new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ_CHILDREN), "andy", AccessStatus.ALLOWED);
}
示例7: initialise
public void initialise(Element element, NamespacePrefixResolver nspr, PermissionModel permissionModel)
{
Attribute recipientAttribute = element.attribute(RECIPIENT);
if (recipientAttribute != null)
{
recipient = recipientAttribute.getStringValue();
}
else
{
recipient = null;
}
Attribute accessAttribute = element.attribute(ACCESS);
if (accessAttribute != null)
{
if (accessAttribute.getStringValue().equalsIgnoreCase(ALLOW))
{
access = AccessStatus.ALLOWED;
}
else if (accessAttribute.getStringValue().equalsIgnoreCase(DENY))
{
access = AccessStatus.DENIED;
}
else
{
throw new PermissionModelException("The default permission must be deny or allow");
}
}
else
{
access = AccessStatus.DENIED;
}
Element permissionReferenceElement = element.element(PERMISSION_REFERENCE);
QName typeQName = QName.createQName(permissionReferenceElement.attributeValue(TYPE), nspr);
String name = permissionReferenceElement.attributeValue(NAME);
permissionReference = PermissionReferenceImpl.getPermissionReference(typeQName, name);
}
示例8: isAllowed
public boolean isAllowed(CMISNodeInfo nodeInfo)
{
for (String permission : permissions)
{
if (permissionService.hasPermission(nodeInfo.getNodeRef(), permission) == AccessStatus.DENIED)
{
return false;
}
}
return true;
}
示例9: isReadOnly
/**
* Whether the folder is read-only for user.
*
* @return {@code boolean}
*/
@Override
protected boolean isReadOnly()
{
AccessStatus status = serviceRegistry.getPublicServiceAccessService().hasAccess(ServiceRegistry.NODE_SERVICE.getLocalName(), "createNode", folderInfo.getNodeRef(), null, null, null);
//serviceRegistry.getPermissionService().hasPermission(folderInfo.getNodeRef(), PermissionService.WRITE);
return status == AccessStatus.DENIED;
}
示例10: isDenied
public boolean isDenied()
{
return accessStatus == AccessStatus.DENIED;
}
示例11: pre
public AccessStatus pre(Object object, ConfigAttributeDefinition attr)
{
Iterator iter = this.getDecisionVoters().iterator();
int deny = 0;
while (iter.hasNext())
{
AccessDecisionVoter voter = (AccessDecisionVoter) iter.next();
int result = voter.vote(AuthenticationUtil.getFullAuthentication(), object, attr);
switch (result)
{
case AccessDecisionVoter.ACCESS_GRANTED:
return AccessStatus.ALLOWED;
case AccessDecisionVoter.ACCESS_DENIED:
deny++;
break;
default:
break;
}
}
if (deny > 0)
{
return AccessStatus.DENIED;
}
// To get this far, every AccessDecisionVoter abstained
if (this.isAllowIfAllAbstainDecisions())
{
return AccessStatus.ALLOWED;
}
else
{
return AccessStatus.DENIED;
}
}
示例12: decide
private NodeRef decide(Authentication authentication, Object object, ConfigAttributeDefinition config, NodeRef returnedObject) throws AccessDeniedException
{
if (returnedObject == null)
{
return null;
}
if(isUnfiltered(returnedObject))
{
return returnedObject;
}
List<ConfigAttributeDefintion> supportedDefinitions = extractSupportedDefinitions(config);
if (supportedDefinitions.size() == 0)
{
return returnedObject;
}
for (ConfigAttributeDefintion cad : supportedDefinitions)
{
NodeRef testNodeRef = null;
if (cad.typeString.equals(AFTER_ACL_NODE))
{
testNodeRef = returnedObject;
}
else if (cad.typeString.equals(AFTER_ACL_PARENT))
{
testNodeRef = nodeService.getPrimaryParent(returnedObject).getParentRef();
}
if ((testNodeRef != null) && (permissionService.hasPermission(testNodeRef, cad.required.toString()) == AccessStatus.DENIED))
{
throw new AccessDeniedException("Access Denied");
}
}
return returnedObject;
}
示例13: initialise
public void initialise(Element element, NamespacePrefixResolver nspr, PermissionModel permissionModel)
{
super.initialise(element, nspr, permissionModel);
Attribute att = element.attribute(EXPOSE);
if (att != null)
{
isExposed = Boolean.parseBoolean(att.getStringValue());
}
else
{
isExposed = true;
}
att = element.attribute(REQUIRES_TYPE);
if (att != null)
{
requiresType = Boolean.parseBoolean(att.getStringValue());
}
else
{
requiresType = true;
}
Attribute defaultPermissionAttribute = element.attribute(DEFAULT_PERMISSION);
if(defaultPermissionAttribute != null)
{
if(defaultPermissionAttribute.getStringValue().equalsIgnoreCase(ALLOW))
{
defaultPermission = AccessStatus.ALLOWED;
}
else if(defaultPermissionAttribute.getStringValue().equalsIgnoreCase(DENY))
{
defaultPermission = AccessStatus.DENIED;
}
else
{
throw new PermissionModelException("The default permission must be deny or allow");
}
}
else
{
defaultPermission = AccessStatus.DENIED;
}
for (Iterator gtgit = element.elementIterator(GRANTED_TO_GROUP); gtgit.hasNext(); /**/)
{
QName qName;
Element grantedToGroupsElement = (Element) gtgit.next();
Attribute typeAttribute = grantedToGroupsElement.attribute(GTG_TYPE);
if (typeAttribute != null)
{
qName = QName.createQName(typeAttribute.getStringValue(), nspr);
}
else
{
qName = getTypeQName();
}
String grantedName = grantedToGroupsElement.attributeValue(GTG_NAME);
grantedToGroups.add(PermissionReferenceImpl.getPermissionReference(qName, grantedName));
}
}
示例14: isGranted
/**
* Is a permission granted
*
* @param ace AccessControlEntry
* @param authorisations -
* the set of authorities
* @param denied -
* the set of denied permissions/authority pais
* @param context PermissionContext
* @return true if granted
*/
private boolean isGranted(AccessControlEntry ace, Set<String> authorisations, Set<Pair<String, PermissionReference>> denied, PermissionContext context)
{
// If the permission entry denies then we just deny
if (ace.getAccessStatus() == AccessStatus.DENIED)
{
denied.add(new Pair<String, PermissionReference>(ace.getAuthority(), ace.getPermission()));
Set<PermissionReference> granters = modelDAO.getGrantingPermissions(ace.getPermission());
for (PermissionReference granter : granters)
{
denied.add(new Pair<String, PermissionReference>(ace.getAuthority(), granter));
}
// All the things granted by this permission must be
// denied
Set<PermissionReference> grantees = modelDAO.getGranteePermissions(ace.getPermission());
for (PermissionReference grantee : grantees)
{
denied.add(new Pair<String, PermissionReference>(ace.getAuthority(), grantee));
}
// All permission excludes all permissions available for
// the node.
if (ace.getPermission().equals(getAllPermissionReference()) || ace.getPermission().equals(OLD_ALL_PERMISSIONS_REFERENCE))
{
for (PermissionReference deny : modelDAO.getAllPermissions(context.getType(), context.getAspects()))
{
denied.add(new Pair<String, PermissionReference>(ace.getAuthority(), deny));
}
}
return false;
}
// The permission is allowed but we deny it as it is in the denied
// set
if (denied != null)
{
Pair<String, PermissionReference> specific = new Pair<String, PermissionReference>(ace.getAuthority(), required);
if (denied.contains(specific))
{
return false;
}
}
// If the permission has a match in both the authorities and
// granters list it is allowed
// It applies to the current user and it is granted
if (authorisations.contains(ace.getAuthority()) && granters.contains(ace.getPermission()))
{
{
return true;
}
}
// Default deny
return false;
}
示例15: checkPattern
private boolean checkPattern(AclCrudDAO aclCrudDAO, Map<String, Object> result, int position, AccessControlEntry pattern)
{
Boolean result_aceIsAllowed = (Boolean) result.get("allowed");
Integer result_aceType = (Integer) result.get("applies");
String result_authority = (String) result.get("authority");
Long result_permissionId = (Long) result.get("permissionId");
Integer result_position = (Integer) result.get("pos");
//Long result_aclmemId = (Long) result.get("aclmemId"); // not used
if (pattern.getAccessStatus() != null)
{
if (pattern.getAccessStatus() != (result_aceIsAllowed ? AccessStatus.ALLOWED : AccessStatus.DENIED))
{
return false;
}
}
if (pattern.getAceType() != null)
{
if (pattern.getAceType() != ACEType.getACETypeFromId(result_aceType))
{
return false;
}
}
if (pattern.getAuthority() != null)
{
if ((pattern.getAuthorityType() != AuthorityType.WILDCARD) && !pattern.getAuthority().equals(result_authority))
{
return false;
}
}
if (pattern.getContext() != null)
{
throw new IllegalArgumentException("Context not yet supported");
}
if (pattern.getPermission() != null)
{
Long permId = aclCrudDAO.getPermission(pattern.getPermission()).getId();
if (!permId.equals(result_permissionId))
{
return false;
}
}
if (pattern.getPosition() != null)
{
if (pattern.getPosition().intValue() >= 0)
{
if (result_position != position)
{
return false;
}
}
else if (pattern.getPosition().intValue() == -1)
{
if (result_position <= position)
{
return false;
}
}
}
return true;
}