001/* 002 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and contributors. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the GNU Lesser General Public License 006 * (LGPL) version 2.1 which accompanies this distribution, and is available at 007 * http://www.gnu.org/licenses/lgpl-2.1.html 008 * 009 * This library is distributed in the hope that it will be useful, 010 * but WITHOUT ANY WARRANTY; without even the implied warranty of 011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 012 * Lesser General Public License for more details. 013 * 014 * Contributors: 015 * dmetzler 016 * Vladimir Pasquier <vpasquier@nuxeo.com> 017 */ 018package org.nuxeo.ecm.automation.core.operations.document; 019 020import java.io.Serializable; 021import java.util.Calendar; 022import java.util.Map; 023 024import org.nuxeo.ecm.core.api.security.ACE; 025import org.nuxeo.ecm.core.api.security.ACP; 026 027/** 028 * Helper for AddPermission and RemovePermission operations. 029 * 030 * @since 5.8 031 * @deprecated since 7.4. Methods to managing permissions are now on ACP / ACL. 032 */ 033@Deprecated 034public final class DocumentPermissionHelper { 035 036 private DocumentPermissionHelper() { 037 038 } 039 040 /** 041 * @param acp The ACP to modify 042 * @param aclName the name of the ACL to target 043 * @param userName the name of the principal (user or group) 044 * @param permission the permission of the ACE 045 * @param blockInheritance Should we block inheritance 046 * @param currentPrincipalName the creator 047 * @return true if something has changed on the document security 048 */ 049 public static boolean addPermission(ACP acp, String aclName, String userName, String permission, 050 boolean blockInheritance, String currentPrincipalName) { 051 return addPermission(acp, aclName, userName, permission, blockInheritance, currentPrincipalName, null, null, 052 null); 053 } 054 055 /** 056 * @param acp The ACP to modify 057 * @param aclName the name of the ACL to target 058 * @param userName the name of the principal (user or group) 059 * @param permission the permission of the ACE 060 * @param blockInheritance should we block inheritance 061 * @param currentPrincipalName the creator 062 * @param begin the begin date of the ACE 063 * @param end the end date of the ACE 064 * @return true if something has changed on the document security 065 * @since 7.4 066 */ 067 public static boolean addPermission(ACP acp, String aclName, String userName, String permission, 068 boolean blockInheritance, String currentPrincipalName, Calendar begin, Calendar end, 069 Map<String, Serializable> contextData) { 070 boolean acpChanged = false; 071 if (blockInheritance) { 072 acpChanged = acp.blockInheritance(aclName, currentPrincipalName); 073 } 074 acpChanged = acpChanged || acp.addACE(aclName, 075 ACE.builder(userName, permission) 076 .creator(currentPrincipalName) 077 .begin(begin) 078 .end(end) 079 .contextData(contextData) 080 .build()); 081 return acpChanged; 082 } 083 084 /** 085 * @param acp The ACP to modify 086 * @param aclName the name of the ACL to target 087 * @param principalName the name of the principal (user or group) 088 * @return true if something has changed on the document security 089 */ 090 public static boolean removePermission(ACP acp, String aclName, String principalName) { 091 return acp.removeACEsByUsername(aclName, principalName); 092 } 093 094 /** 095 * Removes an ACE given its id. 096 * 097 * @param acp The ACP to modify 098 * @param aclName the name of the ACL to target 099 * @param id the id of the ACE 100 * @return true if something has changed on the document security 101 * @since 7.3 102 */ 103 public static boolean removePermissionById(ACP acp, String aclName, String id) { 104 return acp.removeACE(aclName, ACE.fromId(id)); 105 } 106}