001/* 002 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and contributors. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the GNU Lesser General Public License 006 * (LGPL) version 2.1 which accompanies this distribution, and is available at 007 * http://www.gnu.org/licenses/lgpl-2.1.html 008 * 009 * This library is distributed in the hope that it will be useful, 010 * but WITHOUT ANY WARRANTY; without even the implied warranty of 011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 012 * Lesser General Public License for more details. 013 * 014 * Contributors: 015 * Nicolas Chapurlat <nchapurlat@nuxeo.com> 016 */ 017 018package org.nuxeo.ecm.core.io.marshallers.json.enrichers; 019 020import static org.nuxeo.ecm.core.io.registry.reflect.Instantiations.SINGLETON; 021import static org.nuxeo.ecm.core.io.registry.reflect.Priorities.REFERENCE; 022 023import java.io.IOException; 024import java.security.Principal; 025import java.util.Arrays; 026import java.util.List; 027 028import org.codehaus.jackson.JsonGenerator; 029import org.nuxeo.ecm.core.api.CoreSession; 030import org.nuxeo.ecm.core.api.DocumentModel; 031import org.nuxeo.ecm.core.io.registry.context.RenderingContext.SessionWrapper; 032import org.nuxeo.ecm.core.io.registry.reflect.Setup; 033 034import com.google.common.base.Predicate; 035import com.google.common.collect.Iterables; 036 037/** 038 * Enrich {@link DocumentModel} Json. 039 * <p> 040 * Add permission available for current user on given {@link DocumentModel}'s as json attachment. Limit permission to 041 * Read, Write and Everything. 042 * </p> 043 * <p> 044 * Enable if parameter enrichers.document=permissions is present. 045 * </p> 046 * <p> 047 * Format is: 048 * 049 * <pre> 050 * {@code 051 * { 052 * "entity-type":"document", 053 * ... 054 * "contextParameters": { 055 * "permissions": [ "Read", "Write", "Everything" ] <- depending on current user permission on document 056 * } 057 * } 058 * </pre> 059 * 060 * </p> 061 * 062 * @since 7.2 063 */ 064@Setup(mode = SINGLETON, priority = REFERENCE) 065public class BasePermissionsJsonEnricher extends AbstractJsonEnricher<DocumentModel> { 066 067 public static final String NAME = "permissions"; 068 069 private final List<String> availablePermissions = Arrays.asList("Read", "Write", "Everything"); 070 071 public BasePermissionsJsonEnricher() { 072 super(NAME); 073 } 074 075 @Override 076 public void write(JsonGenerator jg, DocumentModel document) throws IOException { 077 jg.writeArrayFieldStart(NAME); 078 try (SessionWrapper wrapper = ctx.getSession(document)) { 079 for (String permission : getPermissionsInSession(document, wrapper.getSession())) { 080 jg.writeString(permission); 081 } 082 } 083 jg.writeEndArray(); 084 } 085 086 private Iterable<String> getPermissionsInSession(final DocumentModel doc, final CoreSession session) { 087 final Principal principal = session.getPrincipal(); 088 return Iterables.filter(availablePermissions, new Predicate<String>() { 089 @Override 090 public boolean apply(String permission) { 091 return session.hasPermission(principal, doc.getRef(), permission); 092 } 093 }); 094 } 095 096}