001/* 002 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and contributors. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the GNU Lesser General Public License 006 * (LGPL) version 2.1 which accompanies this distribution, and is available at 007 * http://www.gnu.org/licenses/lgpl-2.1.html 008 * 009 * This library is distributed in the hope that it will be useful, 010 * but WITHOUT ANY WARRANTY; without even the implied warranty of 011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 012 * Lesser General Public License for more details. 013 * 014 * Contributors: 015 * Vladimir Pasquier <vpasquier@nuxeo.com> 016 */ 017package org.nuxeo.ecm.automation.core.operations.document; 018 019import java.io.Serializable; 020import java.util.Calendar; 021import java.util.HashMap; 022import java.util.Map; 023 024import org.nuxeo.ecm.automation.core.Constants; 025import org.nuxeo.ecm.automation.core.annotations.Context; 026import org.nuxeo.ecm.automation.core.annotations.Operation; 027import org.nuxeo.ecm.automation.core.annotations.OperationMethod; 028import org.nuxeo.ecm.automation.core.annotations.Param; 029import org.nuxeo.ecm.automation.core.collectors.DocumentModelCollector; 030import org.nuxeo.ecm.core.api.ClientException; 031import org.nuxeo.ecm.core.api.CoreSession; 032import org.nuxeo.ecm.core.api.DocumentModel; 033import org.nuxeo.ecm.core.api.DocumentRef; 034import org.nuxeo.ecm.core.api.security.ACE; 035import org.nuxeo.ecm.core.api.security.ACL; 036 037/** 038 * Replaces a given ACE. 039 * 040 * @since 7.10 041 */ 042@Operation(id = ReplacePermission.ID, category = Constants.CAT_DOCUMENT, label = "Replace Permission", description = "Replace a given permission on the input document(s). Returns the document(s).") 043public class ReplacePermission { 044 045 public static final String ID = "Document.ReplacePermission"; 046 047 public static final String NOTIFY_KEY = "notify"; 048 049 public static final String COMMENT_KEY = "comment"; 050 051 @Context 052 protected CoreSession session; 053 054 @Param(name = "username", alias = "user", description = "ACE target user/group.") 055 protected String user; 056 057 @Param(name = "permission", description = "ACE permission.") 058 String permission; 059 060 @Param(name = "acl", required = false, values = { ACL.LOCAL_ACL }, description = "ACL name.") 061 String aclName = ACL.LOCAL_ACL; 062 063 @Param(name = "begin", required = false, description = "ACE begin date.") 064 Calendar begin; 065 066 @Param(name = "end", required = false, description = "ACE end date.") 067 Calendar end; 068 069 @Param(name = "id", description = "ACE id.") 070 String id; 071 072 @Param(name = "notify", required = false, description = "Notify the user or not") 073 boolean notify = false; 074 075 @Param(name = "comment", required = false, description = "Comment") 076 String comment; 077 078 @OperationMethod(collector = DocumentModelCollector.class) 079 public DocumentModel run(DocumentModel doc) throws ClientException { 080 replacePermission(doc); 081 return session.getDocument(doc.getRef()); 082 } 083 084 @OperationMethod(collector = DocumentModelCollector.class) 085 public DocumentModel run(DocumentRef docRef) throws ClientException { 086 DocumentModel doc = session.getDocument(docRef); 087 replacePermission(doc); 088 return doc; 089 } 090 091 protected void replacePermission(DocumentModel doc) throws ClientException { 092 Map<String, Serializable> contextData = new HashMap<>(); 093 contextData.put(NOTIFY_KEY, notify); 094 contextData.put(COMMENT_KEY, comment); 095 096 ACE oldACE = ACE.fromId(id); 097 098 ACE newACE = ACE.builder(user, permission) 099 .creator(session.getPrincipal().getName()) 100 .begin(begin) 101 .end(end) 102 .contextData(contextData) 103 .build(); 104 105 session.replaceACE(doc.getRef(), aclName, oldACE, newACE); 106 } 107 108}