001/*
002 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     dmetzler
018 *     Vladimir Pasquier <vpasquier@nuxeo.com>
019 */
020package org.nuxeo.ecm.automation.core.operations.document;
021
022import java.io.Serializable;
023import java.util.Calendar;
024import java.util.Map;
025
026import org.nuxeo.ecm.core.api.security.ACE;
027import org.nuxeo.ecm.core.api.security.ACP;
028
029/**
030 * Helper for AddPermission and RemovePermission operations.
031 *
032 * @since 5.8
033 * @deprecated since 7.4. Methods to managing permissions are now on ACP / ACL.
034 */
035@Deprecated
036public final class DocumentPermissionHelper {
037
038    private DocumentPermissionHelper() {
039
040    }
041
042    /**
043     * @param acp The ACP to modify
044     * @param aclName the name of the ACL to target
045     * @param userName the name of the principal (user or group)
046     * @param permission the permission of the ACE
047     * @param blockInheritance Should we block inheritance
048     * @param currentPrincipalName the creator
049     * @return true if something has changed on the document security
050     */
051    public static boolean addPermission(ACP acp, String aclName, String userName, String permission,
052            boolean blockInheritance, String currentPrincipalName) {
053        return addPermission(acp, aclName, userName, permission, blockInheritance, currentPrincipalName, null, null,
054                null);
055    }
056
057    /**
058     * @param acp The ACP to modify
059     * @param aclName the name of the ACL to target
060     * @param userName the name of the principal (user or group)
061     * @param permission the permission of the ACE
062     * @param blockInheritance should we block inheritance
063     * @param currentPrincipalName the creator
064     * @param begin the begin date of the ACE
065     * @param end the end date of the ACE
066     * @return true if something has changed on the document security
067     * @since 7.4
068     */
069    public static boolean addPermission(ACP acp, String aclName, String userName, String permission,
070            boolean blockInheritance, String currentPrincipalName, Calendar begin, Calendar end,
071            Map<String, Serializable> contextData) {
072        boolean acpChanged = false;
073        if (blockInheritance) {
074            acpChanged = acp.blockInheritance(aclName, currentPrincipalName);
075        }
076        acpChanged = acpChanged || acp.addACE(aclName,
077                ACE.builder(userName, permission)
078                   .creator(currentPrincipalName)
079                   .begin(begin)
080                   .end(end)
081                   .contextData(contextData)
082                   .build());
083        return acpChanged;
084    }
085
086    /**
087     * @param acp The ACP to modify
088     * @param aclName the name of the ACL to target
089     * @param principalName the name of the principal (user or group)
090     * @return true if something has changed on the document security
091     */
092    public static boolean removePermission(ACP acp, String aclName, String principalName) {
093        return acp.removeACEsByUsername(aclName, principalName);
094    }
095
096    /**
097     * Removes an ACE given its id.
098     *
099     * @param acp The ACP to modify
100     * @param aclName the name of the ACL to target
101     * @param id the id of the ACE
102     * @return true if something has changed on the document security
103     * @since 7.3
104     */
105    public static boolean removePermissionById(ACP acp, String aclName, String id) {
106        return acp.removeACE(aclName, ACE.fromId(id));
107    }
108}