001/* 002 * (C) Copyright 2006-2016 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Florent Guillaume 018 */ 019package org.nuxeo.ecm.core.storage.sql.security; 020 021import org.nuxeo.ecm.core.api.NuxeoPrincipal; 022import org.nuxeo.ecm.core.api.security.ACP; 023import org.nuxeo.ecm.core.api.security.Access; 024import org.nuxeo.ecm.core.model.Document; 025import org.nuxeo.ecm.core.query.sql.model.SQLQuery.Transformer; 026import org.nuxeo.ecm.core.security.AbstractSecurityPolicy; 027import org.nuxeo.ecm.core.security.SecurityPolicy; 028 029/** 030 * Dummy security policy denying all access to File objects. 031 * 032 * @author Florent Guillaume 033 */ 034public class NoFileSecurityPolicy extends AbstractSecurityPolicy implements SecurityPolicy { 035 036 @Override 037 public Access checkPermission(Document doc, ACP mergedAcp, NuxeoPrincipal principal, String permission, 038 String[] resolvedPermissions, String[] additionalPrincipals) { 039 if (doc.getType().getName().equals("File")) { 040 return Access.DENY; 041 } 042 return Access.UNKNOWN; 043 } 044 045 @Override 046 public boolean isRestrictingPermission(String permission) { 047 return true; 048 } 049 050 @Override 051 public boolean isExpressibleInQuery(String repositoryName) { 052 return false; 053 } 054 055 @Override 056 public Transformer getQueryTransformer(String repositoryName) { 057 throw new UnsupportedOperationException(); 058 } 059 060}