001/* 002 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Nicolas Chapurlat <nchapurlat@nuxeo.com> 018 */ 019 020package org.nuxeo.ecm.core.io.marshallers.json.enrichers; 021 022import static org.nuxeo.ecm.core.io.registry.reflect.Instantiations.SINGLETON; 023import static org.nuxeo.ecm.core.io.registry.reflect.Priorities.REFERENCE; 024 025import java.io.IOException; 026import java.security.Principal; 027import java.util.Arrays; 028import java.util.List; 029 030import org.codehaus.jackson.JsonGenerator; 031import org.nuxeo.ecm.core.api.CoreSession; 032import org.nuxeo.ecm.core.api.DocumentModel; 033import org.nuxeo.ecm.core.io.registry.context.RenderingContext.SessionWrapper; 034import org.nuxeo.ecm.core.io.registry.reflect.Setup; 035 036import com.google.common.base.Predicate; 037import com.google.common.collect.Iterables; 038 039/** 040 * Enrich {@link DocumentModel} Json. 041 * <p> 042 * Add permission available for current user on given {@link DocumentModel}'s as json attachment. Limit permission to 043 * Read, Write and Everything. 044 * </p> 045 * <p> 046 * Enable if parameter enrichers-document=permissions is present. 047 * </p> 048 * <p> 049 * Format is: 050 * 051 * <pre> 052 * {@code 053 * { 054 * "entity-type":"document", 055 * ... 056 * "contextParameters": { 057 * "permissions": [ "Read", "Write", "Everything" ] <- depending on current user permission on document 058 * } 059 * } 060 * </pre> 061 * 062 * </p> 063 * 064 * @since 7.2 065 */ 066@Setup(mode = SINGLETON, priority = REFERENCE) 067public class BasePermissionsJsonEnricher extends AbstractJsonEnricher<DocumentModel> { 068 069 public static final String NAME = "permissions"; 070 071 private final List<String> availablePermissions = Arrays.asList("Read", "Write", "Everything"); 072 073 public BasePermissionsJsonEnricher() { 074 super(NAME); 075 } 076 077 @Override 078 public void write(JsonGenerator jg, DocumentModel document) throws IOException { 079 jg.writeArrayFieldStart(NAME); 080 try (SessionWrapper wrapper = ctx.getSession(document)) { 081 for (String permission : getPermissionsInSession(document, wrapper.getSession())) { 082 jg.writeString(permission); 083 } 084 } 085 jg.writeEndArray(); 086 } 087 088 private Iterable<String> getPermissionsInSession(final DocumentModel doc, final CoreSession session) { 089 final Principal principal = session.getPrincipal(); 090 return Iterables.filter(availablePermissions, new Predicate<String>() { 091 @Override 092 public boolean apply(String permission) { 093 return session.hasPermission(principal, doc.getRef(), permission); 094 } 095 }); 096 } 097 098}