001/* 002 * Copyright (c) 2006-2011 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the Eclipse Public License v1.0 006 * which accompanies this distribution, and is available at 007 * http://www.eclipse.org/legal/epl-v10.html 008 * 009 * Contributors: 010 * Florent Guillaume 011 */ 012package org.nuxeo.ecm.core.storage.sql.security; 013 014import java.security.Principal; 015 016import org.nuxeo.ecm.core.api.security.ACP; 017import org.nuxeo.ecm.core.api.security.Access; 018import org.nuxeo.ecm.core.model.Document; 019import org.nuxeo.ecm.core.query.sql.model.SQLQuery.Transformer; 020import org.nuxeo.ecm.core.security.AbstractSecurityPolicy; 021import org.nuxeo.ecm.core.security.SecurityPolicy; 022 023/** 024 * Dummy security policy denying all access to File objects. 025 * 026 * @author Florent Guillaume 027 */ 028public class NoFileSecurityPolicy extends AbstractSecurityPolicy implements SecurityPolicy { 029 030 @Override 031 public Access checkPermission(Document doc, ACP mergedAcp, Principal principal, String permission, 032 String[] resolvedPermissions, String[] additionalPrincipals) { 033 if (doc.getType().getName().equals("File")) { 034 return Access.DENY; 035 } 036 return Access.UNKNOWN; 037 } 038 039 @Override 040 public boolean isRestrictingPermission(String permission) { 041 return true; 042 } 043 044 @Override 045 public boolean isExpressibleInQuery() { 046 return false; 047 } 048 049 @Override 050 public Transformer getQueryTransformer() { 051 throw new UnsupportedOperationException(); 052 } 053 054}