001/* 002 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Nicolas Chapurlat <nchapurlat@nuxeo.com> 018 */ 019 020package org.nuxeo.ecm.core.io.marshallers.json.enrichers; 021 022import static org.nuxeo.ecm.core.io.registry.reflect.Instantiations.SINGLETON; 023import static org.nuxeo.ecm.core.io.registry.reflect.Priorities.REFERENCE; 024 025import java.io.IOException; 026import java.util.Arrays; 027import java.util.Collection; 028 029import org.nuxeo.ecm.core.api.CoreSession; 030import org.nuxeo.ecm.core.api.DocumentModel; 031import org.nuxeo.ecm.core.api.security.PermissionProvider; 032import org.nuxeo.ecm.core.io.registry.context.RenderingContext.SessionWrapper; 033import org.nuxeo.ecm.core.io.registry.reflect.Setup; 034 035import org.nuxeo.runtime.api.Framework; 036 037import com.fasterxml.jackson.core.JsonGenerator; 038 039/** 040 * Enrich {@link DocumentModel} Json. 041 * <p> 042 * Add permission available for current user on given {@link DocumentModel}'s as json attachment. Limit permission to 043 * Read, Write and Everything. 044 * <p> 045 * Enable if parameter enrichers-document=permissions is present. 046 * <p> 047 * Format is: 048 * 049 * <pre> 050 * { 051 * "entity-type":"document", 052 * ... 053 * "contextParameters": { 054 * "permissions": [ "Read", "Write", "Everything" ] <- depending on current user permission on document 055 * } 056 * } 057 * </pre> 058 * 059 * @since 7.2 060 */ 061@Setup(mode = SINGLETON, priority = REFERENCE) 062public class BasePermissionsJsonEnricher extends AbstractJsonEnricher<DocumentModel> { 063 064 public static final String NAME = "permissions"; 065 066 public BasePermissionsJsonEnricher() { 067 super(NAME); 068 } 069 070 @Override 071 public void write(JsonGenerator jg, DocumentModel document) throws IOException { 072 jg.writeArrayFieldStart(NAME); 073 try (SessionWrapper wrapper = ctx.getSession(document)) { 074 for (String permission : getPermissionsInSession(document, wrapper.getSession())) { 075 jg.writeString(permission); 076 } 077 } 078 jg.writeEndArray(); 079 } 080 081 private Collection<String> getPermissionsInSession(DocumentModel doc, CoreSession session) { 082 PermissionProvider permissionProvider = Framework.getService(PermissionProvider.class); 083 return session.filterGrantedPermissions(session.getPrincipal(), doc.getRef(), 084 Arrays.asList(permissionProvider.getPermissions())); 085 } 086 087}