Source code

001/*
002 * Copyright (c) 2006-2011 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * All rights reserved. This program and the accompanying materials
005 * are made available under the terms of the Eclipse Public License v1.0
006 * which accompanies this distribution, and is available at
007 * http://www.eclipse.org/legal/epl-v10.html
008 *
009 * Contributors:
010 *     bstefanescu
011 */
012package org.nuxeo.ecm.automation.core.operations.users;
013
014import java.util.Set;
015
016import org.nuxeo.ecm.automation.OperationContext;
017import org.nuxeo.ecm.automation.core.Constants;
018import org.nuxeo.ecm.automation.core.annotations.Context;
019import org.nuxeo.ecm.automation.core.annotations.Operation;
020import org.nuxeo.ecm.automation.core.annotations.OperationMethod;
021import org.nuxeo.ecm.automation.core.annotations.Param;
022import org.nuxeo.ecm.automation.core.util.StringList;
023import org.nuxeo.ecm.automation.features.PrincipalHelper;
024import org.nuxeo.ecm.core.api.DocumentModel;
025import org.nuxeo.ecm.core.api.security.PermissionProvider;
026import org.nuxeo.ecm.platform.usermanager.UserManager;
027
028/**
029 * Retrieve the emails from users/groups who have the given permission on given document.
030 *
031 * @author <a href="mailto:bs@nuxeo.com">Bogdan Stefanescu</a>
032 */
033@Operation(id = GetDocumentPrincipalEmails.ID, category = Constants.CAT_USERS_GROUPS, label = "Get Principal Emails", description = ""
034        + "Fetch the principal emails that have a given permission on the input "
035        + "document and then set them in the context under the given key variable "
036        + "name. The operation returns the input document. You can later use the "
037        + "list of principals set by this operation on the context from another "
038        + "operation. The 'key' argument represents the variable name and the "
039        + "'permission' argument the permission to check. If the 'ignore groups' "
040        + "argument is false then groups are recursively resolved, extracting "
041        + "user members of these groups. Be <b>warned</b> "
042        + "that this may be a very consuming operation.<ul>Note that <li></li>"
043        + "<li>groups are not included</li><li>the list pushed into the context "
044        + "is a string list of emails.</li></ul>", aliases = { "Document.GetPrincipalEmails" })
045public class GetDocumentPrincipalEmails {
046
047    public static final String ID = "Context.GetEmailsWithPermissionOnDoc";
048
049    @Context
050    protected PermissionProvider permissionProvider;
051
052    @Context
053    protected UserManager umgr;
054
055    @Context
056    protected OperationContext ctx;
057
058    @Param(name = "permission")
059    protected String permission;
060
061    @Param(name = "variable name")
062    protected String key;
063
064    @Param(name = "ignore groups", required = false, values = { "false" })
065    protected boolean ignoreGroups = false;
066
067    @OperationMethod
068    public DocumentModel run(DocumentModel input) {
069        PrincipalHelper ph = new PrincipalHelper(umgr, permissionProvider);
070        Set<String> result = ph.getEmailsForPermission(input, permission, ignoreGroups);
071        ctx.put(key, new StringList(result));
072        return input;
073    }
074
075}