001/*
002 * (C) Copyright 2006-2011 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     bstefanescu
018 */
019package org.nuxeo.ecm.automation.core.operations.document;
020
021import org.nuxeo.ecm.automation.core.Constants;
022import org.nuxeo.ecm.automation.core.annotations.Context;
023import org.nuxeo.ecm.automation.core.annotations.Operation;
024import org.nuxeo.ecm.automation.core.annotations.OperationMethod;
025import org.nuxeo.ecm.automation.core.annotations.Param;
026import org.nuxeo.ecm.automation.core.collectors.DocumentModelCollector;
027import org.nuxeo.ecm.core.api.CoreSession;
028import org.nuxeo.ecm.core.api.DocumentModel;
029import org.nuxeo.ecm.core.api.DocumentRef;
030import org.nuxeo.ecm.core.api.security.ACE;
031import org.nuxeo.ecm.core.api.security.ACL;
032import org.nuxeo.ecm.core.api.security.impl.ACLImpl;
033import org.nuxeo.ecm.core.api.security.impl.ACPImpl;
034
035/**
036 * @author <a href="mailto:bs@nuxeo.com">Bogdan Stefanescu</a>
037 */
038@Operation(id = SetDocumentACE.ID, category = Constants.CAT_DOCUMENT, label = "Set ACL", description = "Set Acces Control Entry on the input document(s). Returns the document(s).", aliases = { "Document.SetACE" })
039public class SetDocumentACE {
040
041    public static final String ID = "Document.AddACE";
042
043    @Context
044    protected CoreSession session;
045
046    @Param(name = "user")
047    protected String user;
048
049    @Param(name = "permission")
050    String permission;
051
052    @Param(name = "acl", required = false, values = ACL.LOCAL_ACL)
053    String aclName = ACL.LOCAL_ACL;
054
055    @Param(name = "grant", required = false, values = "true")
056    boolean grant = true;
057
058    @Param(name = "overwrite", required = false, values = "true")
059    boolean overwrite = true;
060
061    @OperationMethod(collector = DocumentModelCollector.class)
062    public DocumentModel run(DocumentModel doc) {
063        setACE(doc.getRef());
064        return session.getDocument(doc.getRef());
065    }
066
067    @OperationMethod(collector = DocumentModelCollector.class)
068    public DocumentModel run(DocumentRef doc) {
069        setACE(doc);
070        return session.getDocument(doc);
071    }
072
073    protected void setACE(DocumentRef ref) {
074        ACPImpl acp = new ACPImpl();
075        ACLImpl acl = new ACLImpl(aclName);
076        acp.addACL(acl);
077        ACE ace = new ACE(user, permission, grant);
078        acl.add(ace);
079        session.setACP(ref, acp, overwrite);
080    }
081
082}