Source code

001package org.nuxeo.ecm.platform.indexing.gateway.adapter;
002
003import java.util.Arrays;
004import java.util.LinkedList;
005import java.util.List;
006
007import org.nuxeo.ecm.core.api.security.PermissionProvider;
008import org.nuxeo.ecm.core.api.security.SecurityConstants;
009import org.nuxeo.runtime.api.Framework;
010
011/**
012 * Shared info about security filtering (copied from removed module)
013 *
014 * @author <a href="mailto:gracinet@nuxeo.com">Georges Racinet</a>
015 */
016public class SecurityFiltering {
017
018    public static final String[] BROWSE_PERMISSION_SEEDS = { SecurityConstants.BROWSE };
019
020    /**
021     * Return the recursive closure of all permissions that comprises the requested seed permissions. TODO: this logics
022     * should be moved upward to the PermissionProvider interface.
023     *
024     * @param seedPermissions
025     * @return the list of permissions, seeds inclusive
026     */
027    public static List<String> getPermissionList(String[] seedPermissions) {
028        PermissionProvider pprovider = Framework.getService(PermissionProvider.class);
029        List<String> aggregatedPerms = new LinkedList<String>();
030        for (String seedPerm : seedPermissions) {
031            aggregatedPerms.add(seedPerm);
032            String[] compoundPerms = pprovider.getPermissionGroups(seedPerm);
033            if (compoundPerms != null) {
034                aggregatedPerms.addAll(Arrays.asList(compoundPerms));
035            }
036        }
037        // EVERYTHING is special and may not be explicitly registered as a
038        // compound
039        if (!aggregatedPerms.contains(SecurityConstants.EVERYTHING)) {
040            aggregatedPerms.add(SecurityConstants.EVERYTHING);
041        }
042        return aggregatedPerms;
043    }
044
045    /**
046     * This is the list of all permissions that grant access to some indexed document.
047     *
048     * @return the list of all permissions that include Browse directly or un-directly
049     */
050    public static List<String> getBrowsePermissionList() {
051        return getPermissionList(BROWSE_PERMISSION_SEEDS);
052    }
053
054    // public static final String SEPARATOR = "#";
055
056    // public static final String ESCAPE = "[#]";
057
058    // Constant utility class.
059    // private SecurityFiltering() {
060    // }
061
062}