001/*
002 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     Nicolas Chapurlat <nchapurlat@nuxeo.com>
018 */
019
020package org.nuxeo.ecm.core.io.marshallers.json.enrichers;
021
022import static org.nuxeo.ecm.core.io.registry.reflect.Instantiations.SINGLETON;
023import static org.nuxeo.ecm.core.io.registry.reflect.Priorities.REFERENCE;
024
025import java.io.IOException;
026import java.security.Principal;
027import java.util.Arrays;
028import java.util.List;
029
030import org.codehaus.jackson.JsonGenerator;
031import org.nuxeo.ecm.core.api.CoreSession;
032import org.nuxeo.ecm.core.api.DocumentModel;
033import org.nuxeo.ecm.core.io.registry.context.RenderingContext.SessionWrapper;
034import org.nuxeo.ecm.core.io.registry.reflect.Setup;
035
036import com.google.common.base.Predicate;
037import com.google.common.collect.Iterables;
038
039/**
040 * Enrich {@link DocumentModel} Json.
041 * <p>
042 * Add permission available for current user on given {@link DocumentModel}'s as json attachment. Limit permission to
043 * Read, Write and Everything.
044 * </p>
045 * <p>
046 * Enable if parameter enrichers-document=permissions is present.
047 * </p>
048 * <p>
049 * Format is:
050 *
051 * <pre>
052 * {@code
053 * {
054 *   "entity-type":"document",
055 *   ...
056 *   "contextParameters": {
057 *     "permissions": [ "Read", "Write", "Everything" ]  <- depending on current user permission on document
058 *   }
059 * }
060 * </pre>
061 *
062 * </p>
063 *
064 * @since 7.2
065 */
066@Setup(mode = SINGLETON, priority = REFERENCE)
067public class BasePermissionsJsonEnricher extends AbstractJsonEnricher<DocumentModel> {
068
069    public static final String NAME = "permissions";
070
071    private final List<String> availablePermissions = Arrays.asList("Read", "Write", "Everything");
072
073    public BasePermissionsJsonEnricher() {
074        super(NAME);
075    }
076
077    @Override
078    public void write(JsonGenerator jg, DocumentModel document) throws IOException {
079        jg.writeArrayFieldStart(NAME);
080        try (SessionWrapper wrapper = ctx.getSession(document)) {
081            for (String permission : getPermissionsInSession(document, wrapper.getSession())) {
082                jg.writeString(permission);
083            }
084        }
085        jg.writeEndArray();
086    }
087
088    private Iterable<String> getPermissionsInSession(final DocumentModel doc, final CoreSession session) {
089        final Principal principal = session.getPrincipal();
090        return Iterables.filter(availablePermissions, new Predicate<String>() {
091            @Override
092            public boolean apply(String permission) {
093                return session.hasPermission(principal, doc.getRef(), permission);
094            }
095        });
096    }
097
098}