001/* 002 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Nicolas Chapurlat <nchapurlat@nuxeo.com> 018 */ 019 020package org.nuxeo.ecm.core.io.marshallers.json.enrichers; 021 022import static org.nuxeo.ecm.core.io.registry.reflect.Instantiations.SINGLETON; 023import static org.nuxeo.ecm.core.io.registry.reflect.Priorities.REFERENCE; 024 025import java.io.IOException; 026import java.util.Arrays; 027import java.util.Collection; 028 029import org.nuxeo.ecm.core.api.CoreSession; 030import org.nuxeo.ecm.core.api.DocumentModel; 031import org.nuxeo.ecm.core.api.security.PermissionProvider; 032import org.nuxeo.ecm.core.io.registry.context.RenderingContext.SessionWrapper; 033import org.nuxeo.ecm.core.io.registry.reflect.Setup; 034 035import org.nuxeo.runtime.api.Framework; 036 037import com.fasterxml.jackson.core.JsonGenerator; 038 039/** 040 * Enrich {@link DocumentModel} Json. 041 * <p> 042 * Add permission available for current user on given {@link DocumentModel}'s as json attachment. Limit permission to 043 * Read, Write and Everything. 044 * </p> 045 * <p> 046 * Enable if parameter enrichers-document=permissions is present. 047 * </p> 048 * <p> 049 * Format is: 050 * 051 * <pre> 052 * {@code 053 * { 054 * "entity-type":"document", 055 * ... 056 * "contextParameters": { 057 * "permissions": [ "Read", "Write", "Everything" ] <- depending on current user permission on document 058 * } 059 * } 060 * </pre> 061 * 062 * </p> 063 * 064 * @since 7.2 065 */ 066@Setup(mode = SINGLETON, priority = REFERENCE) 067public class BasePermissionsJsonEnricher extends AbstractJsonEnricher<DocumentModel> { 068 069 public static final String NAME = "permissions"; 070 071 public BasePermissionsJsonEnricher() { 072 super(NAME); 073 } 074 075 @Override 076 public void write(JsonGenerator jg, DocumentModel document) throws IOException { 077 jg.writeArrayFieldStart(NAME); 078 try (SessionWrapper wrapper = ctx.getSession(document)) { 079 for (String permission : getPermissionsInSession(document, wrapper.getSession())) { 080 jg.writeString(permission); 081 } 082 } 083 jg.writeEndArray(); 084 } 085 086 private Collection<String> getPermissionsInSession(DocumentModel doc, CoreSession session) { 087 PermissionProvider permissionProvider = Framework.getService(PermissionProvider.class); 088 return session.filterGrantedPermissions(session.getPrincipal(), doc.getRef(), 089 Arrays.asList(permissionProvider.getPermissions())); 090 } 091 092}