Source code

001/*
002 * (C) Copyright 2013 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     Martin Pernollet
018 */
019
020package org.nuxeo.ecm.platform.groups.audit.service.acl.filter;
021
022import java.util.Collection;
023
024import org.apache.commons.logging.Log;
025import org.apache.commons.logging.LogFactory;
026import org.nuxeo.ecm.core.api.security.SecurityConstants;
027import org.nuxeo.ecm.platform.usermanager.UserManager;
028import org.nuxeo.runtime.api.Framework;
029
030/**
031 * Ignore users and keep groups. Warning: this filter assumes a {@link UserManager} is available.
032 *
033 * @author Martin Pernollet <mpernollet@nuxeo.com>
034 */
035public class AcceptsGroupOnly extends AbstractContentFilter implements IContentFilter {
036    protected static Log log = LogFactory.getLog(AcceptsGroupOnly.class);
037
038    protected UserManager um = Framework.getLocalService(UserManager.class);
039
040    protected Collection<String> groups = null;
041
042    /**
043     * Return true if the input string is the name of a group known by the {@link UserManager} service. Return also true
044     * if input is equal to {@link SecurityConstants.EVERYONE}, since this is a special user name intended to define
045     * inheritance blocker rules.
046     */
047    @Override
048    public boolean acceptsUserOrGroup(String userOrGroup) {
049        if (isEveryone(userOrGroup))
050            return true;
051        return isGroup(userOrGroup);
052    }
053
054    public boolean isGroup(String user) {
055        if (groups == null)
056            groups = um.getGroupIds();
057        return groups.contains(user);
058    }
059}