Package fr.becpg.repo.security.impl

Class SecurityServiceImpl

java.lang.Object
fr.becpg.repo.security.impl.SecurityServiceImpl
All Implemented Interfaces:
SecurityService
@Service("securityService") public class SecurityServiceImpl extends Object implements SecurityService
Security Service : is in charge to compute acls by node Type. And provide permission on properties
Version:
$Id: $Id
Author:
"Matthieu Laborie"

  • Field Details

    • ACLS_CACHE_KEY

      private static final String ACLS_CACHE_KEY
      See Also:

    • LOCAL_ACLS_CACHE_KEY

      private static final String LOCAL_ACLS_CACHE_KEY
      See Also:

    • USER_ROLE_CACHE_KEY

      private static final String USER_ROLE_CACHE_KEY
      See Also:

    • logger

      private static final org.apache.commons.logging.Log logger

    • alfrescoRepository

      @Autowired private AlfrescoRepository<ACLGroupData> alfrescoRepository

    • authorityService

      @Autowired private org.alfresco.service.cmr.security.AuthorityService authorityService

    • dictionaryService

      @Autowired private EntityDictionaryService dictionaryService

    • namespaceService

      @Autowired private org.alfresco.service.namespace.NamespaceService namespaceService

    • beCPGCacheService

      @Autowired private BeCPGCacheService beCPGCacheService

    • securityPlugins

      @Autowired private SecurityServicePlugin[] securityPlugins

    • nodeService

      @Autowired private org.alfresco.service.cmr.repository.NodeService nodeService

    • associationService

      @Autowired private AssociationService associationService

  • Constructor Details

    • SecurityServiceImpl

      public SecurityServiceImpl()

  • Method Details

    • computeAccessMode

      public int computeAccessMode(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName nodeType, org.alfresco.service.namespace.QName propName)
      Compute access mode for the given field name on a specific type
      Specified by:
      computeAccessMode in interface SecurityService
      Parameters:
      nodeRef - a NodeRef object
      nodeType - a QName object.
      propName - a QName object.
      Returns:
      Access Mode status

    • computeAccessMode

      public int computeAccessMode(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName nodeType, String propName)
      Compute access mode for the given field name on a specific type
      Specified by:
      computeAccessMode in interface SecurityService
      Parameters:
      nodeRef - a NodeRef object
      nodeType - a QName object.
      propName - a String object.
      Returns:
      Access Mode status

    • isEntityTemplate

      private boolean isEntityTemplate(org.alfresco.service.cmr.repository.NodeRef nodeRef)

    • computeAccessMode

      private int computeAccessMode(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName nodeType, List<PermissionModel> permissions)

    • getPermissionContext

      public PermissionContext getPermissionContext(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName nodeType, String propName)
      Get the permission context for a given node and a given property
      Specified by:
      getPermissionContext in interface SecurityService
      Parameters:
      nodeRef - a NodeRef object
      nodeType - a QName object
      propName - a String object
      Returns:
      a List object.

    • computeCacheKey

      private String computeCacheKey(org.alfresco.service.cmr.repository.NodeRef nodeRef)

    • getReadOnlyCachedMap

      private Map<String,Boolean> getReadOnlyCachedMap(String cacheKey)

    • computeNodeTypeKey

      private String computeNodeTypeKey(org.alfresco.service.namespace.QName nodeType)

    • refreshAcls

      public void refreshAcls()
      Refresh ACLS cache per tenant
      Specified by:
      refreshAcls in interface SecurityService

    • getPermissionCachedMap

      private Map<String,List<PermissionModel>> getPermissionCachedMap(String cacheKey)

    • isCurrentUserAllowed

      public boolean isCurrentUserAllowed(String securityGroup)
      Check user is in currentSecurityGroup or isAdmin
      Specified by:
      isCurrentUserAllowed in interface SecurityService
      Parameters:
      securityGroup - a String object.
      Returns:
      a boolean.

    • getUserSecurityRoles

      public List<String> getUserSecurityRoles()
      List available security roles for user
      Specified by:
      getUserSecurityRoles in interface SecurityService
      Returns:
      a List object.

    • isAdmin

      private boolean isAdmin()

    • isInGroup

      private boolean isInGroup(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName nodeType, List<org.alfresco.service.cmr.repository.NodeRef> groups)
      Check if current user is in corresponding group or role

    • computePluginAccessMode

      private int computePluginAccessMode(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName nodeType, int accesMode)

    • buildCacheKey

      private String buildCacheKey(org.alfresco.service.cmr.repository.NodeRef nodeRef, List<org.alfresco.service.cmr.repository.NodeRef> groups)

    • buildPluginAccessModeCacheKey

      private String buildPluginAccessModeCacheKey(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName nodeType)

    • computeNodeTypePropKey

      private String computeNodeTypePropKey(org.alfresco.service.namespace.QName nodeType, String propName)

    • findAllAclGroups

      private List<org.alfresco.service.cmr.repository.NodeRef> findAllAclGroups()

    • getAvailablePropNames

      public List<String> getAvailablePropNames()
      Extract props list based on existing ACL_GROUPS
      Specified by:
      getAvailablePropNames in interface SecurityService
      Returns:
      a List object.

    • appendPropName

      private void appendPropName(org.alfresco.service.cmr.dictionary.TypeDefinition typeDefinition, Map.Entry<org.alfresco.service.namespace.QName,org.alfresco.service.cmr.dictionary.PropertyDefinition> properties, List<String> ret)

    • isViewableProperty

      private boolean isViewableProperty(org.alfresco.service.namespace.QName qName)
      Test if the property should be show
      Parameters:
      qName - the q name
      Returns:
      true, if is viewable property