001/* 002 * (C) Copyright 2006-2016 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Florent Guillaume 018 */ 019package org.nuxeo.ecm.core.storage.sql.security; 020 021import java.security.Principal; 022 023import org.nuxeo.ecm.core.api.security.ACP; 024import org.nuxeo.ecm.core.api.security.Access; 025import org.nuxeo.ecm.core.model.Document; 026import org.nuxeo.ecm.core.query.sql.model.SQLQuery.Transformer; 027import org.nuxeo.ecm.core.security.AbstractSecurityPolicy; 028import org.nuxeo.ecm.core.security.SecurityPolicy; 029 030/** 031 * Dummy security policy denying all access to File objects. 032 * 033 * @author Florent Guillaume 034 */ 035public class NoFileSecurityPolicy extends AbstractSecurityPolicy implements SecurityPolicy { 036 037 @Override 038 public Access checkPermission(Document doc, ACP mergedAcp, Principal principal, String permission, 039 String[] resolvedPermissions, String[] additionalPrincipals) { 040 if (doc.getType().getName().equals("File")) { 041 return Access.DENY; 042 } 043 return Access.UNKNOWN; 044 } 045 046 @Override 047 public boolean isRestrictingPermission(String permission) { 048 return true; 049 } 050 051 @Override 052 public boolean isExpressibleInQuery(String repositoryName) { 053 return false; 054 } 055 056 @Override 057 public Transformer getQueryTransformer(String repositoryName) { 058 throw new UnsupportedOperationException(); 059 } 060 061}