001/*
002 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * All rights reserved. This program and the accompanying materials
005 * are made available under the terms of the GNU Lesser General Public License
006 * (LGPL) version 2.1 which accompanies this distribution, and is available at
007 * http://www.gnu.org/licenses/lgpl-2.1.html
008 *
009 * This library is distributed in the hope that it will be useful,
010 * but WITHOUT ANY WARRANTY; without even the implied warranty of
011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012 * Lesser General Public License for more details.
013 *
014 * Contributors:
015 *     Thomas Roger
016 */
017
018package org.nuxeo.ecm.automation.core.operations.document;
019
020import org.nuxeo.ecm.automation.core.Constants;
021import org.nuxeo.ecm.automation.core.annotations.Context;
022import org.nuxeo.ecm.automation.core.annotations.Operation;
023import org.nuxeo.ecm.automation.core.annotations.OperationMethod;
024import org.nuxeo.ecm.automation.core.annotations.Param;
025import org.nuxeo.ecm.automation.core.collectors.DocumentModelCollector;
026import org.nuxeo.ecm.core.api.CoreSession;
027import org.nuxeo.ecm.core.api.DocumentModel;
028import org.nuxeo.ecm.core.api.DocumentRef;
029import org.nuxeo.ecm.core.api.security.ACL;
030import org.nuxeo.ecm.core.api.security.ACP;
031import org.nuxeo.ecm.core.api.security.impl.ACPImpl;
032
033/**
034 * Operation unblocking permission inheritance on a given ACL.
035 *
036 * @since 7.4
037 */
038@Operation(id = UnblockPermissionInheritance.ID, category = Constants.CAT_DOCUMENT, label = "Unlock Permission Inheritance", description = "Unlock the permission inheritance on the input document(s). Returns the document(s).")
039public class UnblockPermissionInheritance {
040
041    public static final String ID = "Document.UnblockPermissionInheritance";
042
043    @Context
044    protected CoreSession session;
045
046    @Param(name = "acl", required = false, values = { ACL.LOCAL_ACL }, description = "ACL name.")
047    String aclName = ACL.LOCAL_ACL;
048
049    @OperationMethod(collector = DocumentModelCollector.class)
050    public DocumentModel run(DocumentModel doc) {
051        unblockPermissionInheritance(doc);
052        return session.getDocument(doc.getRef());
053    }
054
055    @OperationMethod(collector = DocumentModelCollector.class)
056    public DocumentModel run(DocumentRef docRef) {
057        DocumentModel doc = session.getDocument(docRef);
058        unblockPermissionInheritance(doc);
059        return doc;
060    }
061
062    protected void unblockPermissionInheritance(DocumentModel doc) {
063        ACP acp = doc.getACP() != null ? doc.getACP() : new ACPImpl();
064        boolean permissionChanged = acp.unblockInheritance(aclName);
065        if (permissionChanged) {
066            doc.setACP(acp, true);
067        }
068    }
069}