001/* 002 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * dmetzler 018 * Vladimir Pasquier <vpasquier@nuxeo.com> 019 */ 020package org.nuxeo.ecm.automation.core.operations.document; 021 022import java.io.Serializable; 023import java.util.Calendar; 024import java.util.Map; 025 026import org.nuxeo.ecm.core.api.security.ACE; 027import org.nuxeo.ecm.core.api.security.ACP; 028 029/** 030 * Helper for AddPermission and RemovePermission operations. 031 * 032 * @since 5.8 033 * @deprecated since 7.4. Methods to managing permissions are now on ACP / ACL. 034 */ 035@Deprecated 036public final class DocumentPermissionHelper { 037 038 private DocumentPermissionHelper() { 039 040 } 041 042 /** 043 * @param acp The ACP to modify 044 * @param aclName the name of the ACL to target 045 * @param userName the name of the principal (user or group) 046 * @param permission the permission of the ACE 047 * @param blockInheritance Should we block inheritance 048 * @param currentPrincipalName the creator 049 * @return true if something has changed on the document security 050 */ 051 public static boolean addPermission(ACP acp, String aclName, String userName, String permission, 052 boolean blockInheritance, String currentPrincipalName) { 053 return addPermission(acp, aclName, userName, permission, blockInheritance, currentPrincipalName, null, null, 054 null); 055 } 056 057 /** 058 * @param acp The ACP to modify 059 * @param aclName the name of the ACL to target 060 * @param userName the name of the principal (user or group) 061 * @param permission the permission of the ACE 062 * @param blockInheritance should we block inheritance 063 * @param currentPrincipalName the creator 064 * @param begin the begin date of the ACE 065 * @param end the end date of the ACE 066 * @return true if something has changed on the document security 067 * @since 7.4 068 */ 069 public static boolean addPermission(ACP acp, String aclName, String userName, String permission, 070 boolean blockInheritance, String currentPrincipalName, Calendar begin, Calendar end, 071 Map<String, Serializable> contextData) { 072 boolean acpChanged = false; 073 if (blockInheritance) { 074 acpChanged = acp.blockInheritance(aclName, currentPrincipalName); 075 } 076 acpChanged = acpChanged || acp.addACE(aclName, 077 ACE.builder(userName, permission) 078 .creator(currentPrincipalName) 079 .begin(begin) 080 .end(end) 081 .contextData(contextData) 082 .build()); 083 return acpChanged; 084 } 085 086 /** 087 * @param acp The ACP to modify 088 * @param aclName the name of the ACL to target 089 * @param principalName the name of the principal (user or group) 090 * @return true if something has changed on the document security 091 */ 092 public static boolean removePermission(ACP acp, String aclName, String principalName) { 093 return acp.removeACEsByUsername(aclName, principalName); 094 } 095 096 /** 097 * Removes an ACE given its id. 098 * 099 * @param acp The ACP to modify 100 * @param aclName the name of the ACL to target 101 * @param id the id of the ACE 102 * @return true if something has changed on the document security 103 * @since 7.3 104 */ 105 public static boolean removePermissionById(ACP acp, String aclName, String id) { 106 return acp.removeACE(aclName, ACE.fromId(id)); 107 } 108}