001/* 002 * (C) Copyright 2006-2011 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * bstefanescu 018 */ 019package org.nuxeo.ecm.automation.core.operations.document; 020 021import org.nuxeo.ecm.automation.core.Constants; 022import org.nuxeo.ecm.automation.core.annotations.Context; 023import org.nuxeo.ecm.automation.core.annotations.Operation; 024import org.nuxeo.ecm.automation.core.annotations.OperationMethod; 025import org.nuxeo.ecm.automation.core.annotations.Param; 026import org.nuxeo.ecm.automation.core.collectors.DocumentModelCollector; 027import org.nuxeo.ecm.core.api.CoreSession; 028import org.nuxeo.ecm.core.api.DocumentModel; 029import org.nuxeo.ecm.core.api.DocumentRef; 030import org.nuxeo.ecm.core.api.security.ACE; 031import org.nuxeo.ecm.core.api.security.ACL; 032import org.nuxeo.ecm.core.api.security.impl.ACLImpl; 033import org.nuxeo.ecm.core.api.security.impl.ACPImpl; 034 035/** 036 * @author <a href="mailto:bs@nuxeo.com">Bogdan Stefanescu</a> 037 */ 038@Operation(id = SetDocumentACE.ID, category = Constants.CAT_DOCUMENT, label = "Set ACL", description = "Set Acces Control Entry on the input document(s). Returns the document(s).", aliases = { "Document.SetACE" }) 039public class SetDocumentACE { 040 041 public static final String ID = "Document.AddACE"; 042 043 @Context 044 protected CoreSession session; 045 046 @Param(name = "user") 047 protected String user; 048 049 @Param(name = "permission") 050 String permission; 051 052 @Param(name = "acl", required = false, values = ACL.LOCAL_ACL) 053 String aclName = ACL.LOCAL_ACL; 054 055 @Param(name = "grant", required = false, values = "true") 056 boolean grant = true; 057 058 @Param(name = "overwrite", required = false, values = "true") 059 boolean overwrite = true; 060 061 @OperationMethod(collector = DocumentModelCollector.class) 062 public DocumentModel run(DocumentModel doc) { 063 setACE(doc.getRef()); 064 return session.getDocument(doc.getRef()); 065 } 066 067 @OperationMethod(collector = DocumentModelCollector.class) 068 public DocumentModel run(DocumentRef doc) { 069 setACE(doc); 070 return session.getDocument(doc); 071 } 072 073 protected void setACE(DocumentRef ref) { 074 ACPImpl acp = new ACPImpl(); 075 ACLImpl acl = new ACLImpl(aclName); 076 acp.addACL(acl); 077 ACE ace = new ACE(user, permission, grant); 078 acl.add(ace); 079 session.setACP(ref, acp, overwrite); 080 } 081 082}