Source code

001/*
002 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     Nicolas Chapurlat <nchapurlat@nuxeo.com>
018 */
019
020package org.nuxeo.ecm.core.io.marshallers.json.enrichers;
021
022import static org.nuxeo.ecm.core.io.registry.reflect.Instantiations.SINGLETON;
023import static org.nuxeo.ecm.core.io.registry.reflect.Priorities.REFERENCE;
024
025import java.io.IOException;
026import java.util.Arrays;
027import java.util.Collection;
028
029import org.nuxeo.ecm.core.api.CoreSession;
030import org.nuxeo.ecm.core.api.DocumentModel;
031import org.nuxeo.ecm.core.api.security.PermissionProvider;
032import org.nuxeo.ecm.core.io.registry.context.RenderingContext.SessionWrapper;
033import org.nuxeo.ecm.core.io.registry.reflect.Setup;
034
035import org.nuxeo.runtime.api.Framework;
036
037import com.fasterxml.jackson.core.JsonGenerator;
038
039/**
040 * Enrich {@link DocumentModel} Json.
041 * <p>
042 * Add permission available for current user on given {@link DocumentModel}'s as json attachment. Limit permission to
043 * Read, Write and Everything.
044 * </p>
045 * <p>
046 * Enable if parameter enrichers-document=permissions is present.
047 * </p>
048 * <p>
049 * Format is:
050 *
051 * <pre>
052 * {@code
053 * {
054 *   "entity-type":"document",
055 *   ...
056 *   "contextParameters": {
057 *     "permissions": [ "Read", "Write", "Everything" ]  <- depending on current user permission on document
058 *   }
059 * }
060 * </pre>
061 *
062 * </p>
063 *
064 * @since 7.2
065 */
066@Setup(mode = SINGLETON, priority = REFERENCE)
067public class BasePermissionsJsonEnricher extends AbstractJsonEnricher<DocumentModel> {
068
069    public static final String NAME = "permissions";
070
071    public BasePermissionsJsonEnricher() {
072        super(NAME);
073    }
074
075    @Override
076    public void write(JsonGenerator jg, DocumentModel document) throws IOException {
077        jg.writeArrayFieldStart(NAME);
078        try (SessionWrapper wrapper = ctx.getSession(document)) {
079            for (String permission : getPermissionsInSession(document, wrapper.getSession())) {
080                jg.writeString(permission);
081            }
082        }
083        jg.writeEndArray();
084    }
085
086    private Collection<String> getPermissionsInSession(DocumentModel doc, CoreSession session) {
087        PermissionProvider permissionProvider = Framework.getService(PermissionProvider.class);
088        return session.filterGrantedPermissions(session.getPrincipal(), doc.getRef(),
089                Arrays.asList(permissionProvider.getPermissions()));
090    }
091
092}