001/*
002 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and contributors.
003 *
004 * All rights reserved. This program and the accompanying materials
005 * are made available under the terms of the GNU Lesser General Public License
006 * (LGPL) version 2.1 which accompanies this distribution, and is available at
007 * http://www.gnu.org/licenses/lgpl-2.1.html
008 *
009 * This library is distributed in the hope that it will be useful,
010 * but WITHOUT ANY WARRANTY; without even the implied warranty of
011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012 * Lesser General Public License for more details.
013 *
014 * Contributors:
015 *     Nicolas Chapurlat <nchapurlat@nuxeo.com>
016 */
017
018package org.nuxeo.ecm.core.io.marshallers.json.enrichers;
019
020import static org.nuxeo.ecm.core.io.registry.reflect.Instantiations.SINGLETON;
021import static org.nuxeo.ecm.core.io.registry.reflect.Priorities.REFERENCE;
022
023import java.io.IOException;
024import java.security.Principal;
025import java.util.Arrays;
026import java.util.List;
027
028import org.codehaus.jackson.JsonGenerator;
029import org.nuxeo.ecm.core.api.CoreSession;
030import org.nuxeo.ecm.core.api.DocumentModel;
031import org.nuxeo.ecm.core.io.registry.context.RenderingContext.SessionWrapper;
032import org.nuxeo.ecm.core.io.registry.reflect.Setup;
033
034import com.google.common.base.Predicate;
035import com.google.common.collect.Iterables;
036
037/**
038 * Enrich {@link DocumentModel} Json.
039 * <p>
040 * Add permission available for current user on given {@link DocumentModel}'s as json attachment. Limit permission to
041 * Read, Write and Everything.
042 * </p>
043 * <p>
044 * Enable if parameter enrichers.document=permissions is present.
045 * </p>
046 * <p>
047 * Format is:
048 *
049 * <pre>
050 * {@code
051 * {
052 *   "entity-type":"document",
053 *   ...
054 *   "contextParameters": {
055 *     "permissions": [ "Read", "Write", "Everything" ]  <- depending on current user permission on document
056 *   }
057 * }
058 * </pre>
059 *
060 * </p>
061 *
062 * @since 7.2
063 */
064@Setup(mode = SINGLETON, priority = REFERENCE)
065public class BasePermissionsJsonEnricher extends AbstractJsonEnricher<DocumentModel> {
066
067    public static final String NAME = "permissions";
068
069    private final List<String> availablePermissions = Arrays.asList("Read", "Write", "Everything");
070
071    public BasePermissionsJsonEnricher() {
072        super(NAME);
073    }
074
075    @Override
076    public void write(JsonGenerator jg, DocumentModel document) throws IOException {
077        jg.writeArrayFieldStart(NAME);
078        try (SessionWrapper wrapper = ctx.getSession(document)) {
079            for (String permission : getPermissionsInSession(document, wrapper.getSession())) {
080                jg.writeString(permission);
081            }
082        }
083        jg.writeEndArray();
084    }
085
086    private Iterable<String> getPermissionsInSession(final DocumentModel doc, final CoreSession session) {
087        final Principal principal = session.getPrincipal();
088        return Iterables.filter(availablePermissions, new Predicate<String>() {
089            @Override
090            public boolean apply(String permission) {
091                return session.hasPermission(principal, doc.getRef(), permission);
092            }
093        });
094    }
095
096}