001/* 002 * (C) Copyright 2009 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Georges Racinet 018 */ 019package org.nuxeo.ecm.platform.indexing.gateway.adapter; 020 021import java.util.Arrays; 022import java.util.LinkedList; 023import java.util.List; 024 025import org.nuxeo.ecm.core.api.security.PermissionProvider; 026import org.nuxeo.ecm.core.api.security.SecurityConstants; 027import org.nuxeo.runtime.api.Framework; 028 029/** 030 * Shared info about security filtering (copied from removed module) 031 * 032 * @author <a href="mailto:gracinet@nuxeo.com">Georges Racinet</a> 033 */ 034public class SecurityFiltering { 035 036 public static final String[] BROWSE_PERMISSION_SEEDS = { SecurityConstants.BROWSE }; 037 038 /** 039 * Return the recursive closure of all permissions that comprises the requested seed permissions. TODO: this logics 040 * should be moved upward to the PermissionProvider interface. 041 * 042 * @param seedPermissions 043 * @return the list of permissions, seeds inclusive 044 */ 045 public static List<String> getPermissionList(String[] seedPermissions) { 046 PermissionProvider pprovider = Framework.getService(PermissionProvider.class); 047 List<String> aggregatedPerms = new LinkedList<String>(); 048 for (String seedPerm : seedPermissions) { 049 aggregatedPerms.add(seedPerm); 050 String[] compoundPerms = pprovider.getPermissionGroups(seedPerm); 051 if (compoundPerms != null) { 052 aggregatedPerms.addAll(Arrays.asList(compoundPerms)); 053 } 054 } 055 // EVERYTHING is special and may not be explicitly registered as a 056 // compound 057 if (!aggregatedPerms.contains(SecurityConstants.EVERYTHING)) { 058 aggregatedPerms.add(SecurityConstants.EVERYTHING); 059 } 060 return aggregatedPerms; 061 } 062 063 /** 064 * This is the list of all permissions that grant access to some indexed document. 065 * 066 * @return the list of all permissions that include Browse directly or un-directly 067 */ 068 public static List<String> getBrowsePermissionList() { 069 return getPermissionList(BROWSE_PERMISSION_SEEDS); 070 } 071 072 // public static final String SEPARATOR = "#"; 073 074 // public static final String ESCAPE = "[#]"; 075 076 // Constant utility class. 077 // private SecurityFiltering() { 078 // } 079 080}