Package fr.becpg.repo.security.impl

Class SecurityServiceImpl

java.lang.Object
fr.becpg.repo.security.impl.SecurityServiceImpl
All Implemented Interfaces:
SecurityService
@Service("securityService") public class SecurityServiceImpl extends Object implements SecurityService
Security Service : is in charge to compute acls by node Type. And provide permission on properties
Version:
$Id: $Id
Author:
"Matthieu Laborie"

  • Field Details

    • ACLS_CACHE_KEY

      private static final String ACLS_CACHE_KEY
      Constant ACLS_CACHE_KEY="ACLS_CACHE_KEY"
      See Also:

    • LOCAL_ACLS_CACHE_KEY

      private static final String LOCAL_ACLS_CACHE_KEY
      Constant LOCAL_ACLS_CACHE_KEY="LOCAL_ACLS_CACHE_KEY"
      See Also:

    • USER_ROLE_CACHE_KEY

      private static final String USER_ROLE_CACHE_KEY
      Constant USER_ROLE_CACHE_KEY="USER_ROLE_CACHE_KEY"
      See Also:

    • logger

      private static final org.apache.commons.logging.Log logger
      Constant logger

    • alfrescoRepository

      @Autowired private AlfrescoRepository<ACLGroupData> alfrescoRepository

    • authorityService

      @Autowired private org.alfresco.service.cmr.security.AuthorityService authorityService

    • dictionaryService

      @Autowired private EntityDictionaryService dictionaryService

    • namespaceService

      @Autowired private org.alfresco.service.namespace.NamespaceService namespaceService

    • beCPGCacheService

      @Autowired private BeCPGCacheService beCPGCacheService

    • securityPlugins

      @Autowired private SecurityServicePlugin[] securityPlugins

    • nodeService

      @Autowired private org.alfresco.service.cmr.repository.NodeService nodeService

    • associationService

      @Autowired private AssociationService associationService

  • Constructor Details

    • SecurityServiceImpl

      public SecurityServiceImpl()

  • Method Details

    • computeAccessMode

      public int computeAccessMode(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName nodeType, org.alfresco.service.namespace.QName propName)
      Compute access mode for the given field name on a specific type
      Specified by:
      computeAccessMode in interface SecurityService
      Parameters:
      nodeRef - a NodeRef object
      nodeType - a QName object.
      propName - a QName object.
      Returns:
      Access Mode status

    • computeAccessMode

      public int computeAccessMode(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName nodeType, String propName)
      Compute access mode for the given field name on a specific type
      Specified by:
      computeAccessMode in interface SecurityService
      Parameters:
      nodeRef - a NodeRef object
      nodeType - a QName object.
      propName - a String object.
      Returns:
      Access Mode status

    • isEntityTemplate

      private boolean isEntityTemplate(org.alfresco.service.cmr.repository.NodeRef nodeRef)

      isEntityTemplate.

      Parameters:
      nodeRef - a NodeRef object
      Returns:
      a boolean

    • computeAccessMode

      private int computeAccessMode(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName nodeType, List<PermissionModel> permissions)

      computeAccessMode.

      Parameters:
      nodeRef - a NodeRef object
      nodeType - a QName object
      permissions - a List object
      Returns:
      a int

    • getPermissionContext

      public PermissionContext getPermissionContext(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName nodeType, String propName)
      Get the permission context for a given node and a given property
      Specified by:
      getPermissionContext in interface SecurityService
      Parameters:
      nodeRef - a NodeRef object
      nodeType - a QName object
      propName - a String object
      Returns:
      a List object.

    • computeCacheKey

      private String computeCacheKey(org.alfresco.service.cmr.repository.NodeRef nodeRef)

      computeCacheKey.

      Parameters:
      nodeRef - a NodeRef object
      Returns:
      a String object

    • getReadOnlyCachedMap

      private Map<String,Boolean> getReadOnlyCachedMap(String cacheKey)

      getReadOnlyCachedMap.

      Parameters:
      cacheKey - a String object
      Returns:
      a Map object

    • computeNodeTypeKey

      private String computeNodeTypeKey(org.alfresco.service.namespace.QName nodeType)

      computeNodeTypeKey.

      Parameters:
      nodeType - a QName object
      Returns:
      a String object

    • refreshAcls

      public void refreshAcls()
      Refresh ACLS cache per tenant
      Specified by:
      refreshAcls in interface SecurityService

    • getPermissionCachedMap

      private Map<String,List<PermissionModel>> getPermissionCachedMap(String cacheKey)

      getPermissionCachedMap.

      Parameters:
      cacheKey - a String object
      Returns:
      a Map object

    • isCurrentUserAllowed

      public boolean isCurrentUserAllowed(String securityGroup)
      Check user is in currentSecurityGroup or isAdmin
      Specified by:
      isCurrentUserAllowed in interface SecurityService
      Parameters:
      securityGroup - a String object.
      Returns:
      a boolean.

    • getUserSecurityRoles

      public List<String> getUserSecurityRoles()
      List available security roles for user
      Specified by:
      getUserSecurityRoles in interface SecurityService
      Returns:
      a List object.

    • isAdmin

      private boolean isAdmin()

      isAdmin.

      Returns:
      a boolean

    • isInGroup

      private boolean isInGroup(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName nodeType, List<org.alfresco.service.cmr.repository.NodeRef> groups)
      Check if current user is in corresponding group or role
      Parameters:
      nodeRef - a NodeRef object
      nodeType - a QName object
      groups - a List object
      Returns:
      a boolean

    • computePluginAccessMode

      private int computePluginAccessMode(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName nodeType, int accesMode)

      computePluginAccessMode.

      Parameters:
      nodeRef - a NodeRef object
      nodeType - a QName object
      accesMode - a int
      Returns:
      a int

    • buildCacheKey

      private String buildCacheKey(org.alfresco.service.cmr.repository.NodeRef nodeRef, List<org.alfresco.service.cmr.repository.NodeRef> groups)

      buildCacheKey.

      Parameters:
      nodeRef - a NodeRef object
      groups - a List object
      Returns:
      a String object

    • buildPluginAccessModeCacheKey

      private String buildPluginAccessModeCacheKey(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName nodeType)

      buildPluginAccessModeCacheKey.

      Parameters:
      nodeRef - a NodeRef object
      nodeType - a QName object
      Returns:
      a String object

    • computeNodeTypePropKey

      private String computeNodeTypePropKey(org.alfresco.service.namespace.QName nodeType, String propName)

      computeNodeTypePropKey.

      Parameters:
      nodeType - a QName object
      propName - a String object
      Returns:
      a String object

    • findAllAclGroups

      private List<org.alfresco.service.cmr.repository.NodeRef> findAllAclGroups()

      findAllAclGroups.

      Returns:
      a List object

    • getAvailablePropNames

      public List<String> getAvailablePropNames()
      Extract props list based on existing ACL_GROUPS
      Specified by:
      getAvailablePropNames in interface SecurityService
      Returns:
      a List object.

    • appendPropName

      private void appendPropName(org.alfresco.service.cmr.dictionary.TypeDefinition typeDefinition, Map.Entry<org.alfresco.service.namespace.QName,org.alfresco.service.cmr.dictionary.PropertyDefinition> properties, List<String> ret)

      appendPropName.

      Parameters:
      typeDefinition - a TypeDefinition object
      properties - a Map.Entry object
      ret - a List object

    • isViewableProperty

      private boolean isViewableProperty(org.alfresco.service.namespace.QName qName)
      Test if the property should be show
      Parameters:
      qName - the q name
      Returns:
      true, if is viewable property