001/* 002 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Florent Guillaume 018 */ 019package org.nuxeo.ecm.core.blob; 020 021import static org.apache.commons.lang3.StringUtils.EMPTY; 022import static org.nuxeo.ecm.core.blob.BlobProviderDescriptor.CREATE_FROM_KEY_GROUPS; 023import static org.nuxeo.ecm.core.blob.BlobProviderDescriptor.CREATE_FROM_KEY_USERS; 024import static org.nuxeo.ecm.core.blob.BlobProviderDescriptor.PREVENT_USER_UPDATE; 025import static org.nuxeo.ecm.core.blob.BlobProviderDescriptor.TRANSIENT; 026 027import java.io.IOException; 028import java.util.Arrays; 029import java.util.List; 030import java.util.Map; 031 032import org.nuxeo.ecm.core.api.NuxeoPrincipal; 033import org.nuxeo.ecm.core.api.local.ClientLoginModule; 034 035/** 036 * Abstract implementation for {@link BlobProvider} providing common logic. 037 * 038 * @since 7.10 039 */ 040public abstract class AbstractBlobProvider implements BlobProvider { 041 042 public String blobProviderId; 043 044 public Map<String, String> properties; 045 046 @Override 047 public void initialize(String blobProviderId, Map<String, String> properties) throws IOException { 048 this.blobProviderId = blobProviderId; 049 this.properties = properties; 050 } 051 052 protected boolean supportsUserUpdateDefaultTrue() { 053 return !Boolean.parseBoolean(properties.get(PREVENT_USER_UPDATE)); 054 } 055 056 protected boolean supportsUserUpdateDefaultFalse() { 057 return !Boolean.parseBoolean(properties.getOrDefault(PREVENT_USER_UPDATE, "true")); 058 } 059 060 @Override 061 public boolean supportsUserUpdate() { 062 return supportsUserUpdateDefaultTrue(); 063 } 064 065 @Override 066 public boolean isTransient() { 067 return Boolean.parseBoolean(properties.get(TRANSIENT)); 068 } 069 070 @Override 071 public Map<String, String> getProperties() { 072 return properties; 073 } 074 075 @Override 076 public boolean hasCreateFromKeyPermission() { 077 NuxeoPrincipal principal = ClientLoginModule.getCurrentPrincipal(); 078 if (principal == null) { 079 return false; 080 } 081 082 String createFromKeyUsers = properties.getOrDefault(CREATE_FROM_KEY_USERS, EMPTY); 083 String createFromKeyGroups = properties.getOrDefault(CREATE_FROM_KEY_GROUPS, EMPTY); 084 085 if ("*".equals(createFromKeyUsers) || "*".equals(createFromKeyGroups)) { 086 return true; 087 } 088 List<String> authorizedUsers = Arrays.asList(createFromKeyUsers.split(",")); 089 List<String> authorizedGroups = Arrays.asList(createFromKeyGroups.split(",")); 090 091 return principal.isAdministrator() || authorizedUsers.contains(principal.getName()) 092 || authorizedGroups.stream().anyMatch(principal::isMemberOf); 093 } 094 095}