001/*
002 * Copyright (c) 2006-2011 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * All rights reserved. This program and the accompanying materials
005 * are made available under the terms of the Eclipse Public License v1.0
006 * which accompanies this distribution, and is available at
007 * http://www.eclipse.org/legal/epl-v10.html
008 *
009 * Contributors:
010 *     Florent Guillaume
011 */
012package org.nuxeo.ecm.core.storage.sql.security;
013
014import java.security.Principal;
015
016import org.nuxeo.ecm.core.api.security.ACP;
017import org.nuxeo.ecm.core.api.security.Access;
018import org.nuxeo.ecm.core.model.Document;
019import org.nuxeo.ecm.core.query.sql.model.SQLQuery.Transformer;
020import org.nuxeo.ecm.core.security.AbstractSecurityPolicy;
021import org.nuxeo.ecm.core.security.SecurityPolicy;
022
023/**
024 * Dummy security policy denying all access to File objects.
025 *
026 * @author Florent Guillaume
027 */
028public class NoFileSecurityPolicy extends AbstractSecurityPolicy implements SecurityPolicy {
029
030    @Override
031    public Access checkPermission(Document doc, ACP mergedAcp, Principal principal, String permission,
032            String[] resolvedPermissions, String[] additionalPrincipals) {
033        if (doc.getType().getName().equals("File")) {
034            return Access.DENY;
035        }
036        return Access.UNKNOWN;
037    }
038
039    @Override
040    public boolean isRestrictingPermission(String permission) {
041        return true;
042    }
043
044    @Override
045    public boolean isExpressibleInQuery() {
046        return false;
047    }
048
049    @Override
050    public Transformer getQueryTransformer() {
051        throw new UnsupportedOperationException();
052    }
053
054}