org.genesys.blocks.security.service.impl

Class CustomAclServiceImpl

java.lang.Object

org.genesys.blocks.security.service.impl.CustomAclServiceImpl

All Implemented Interfaces:

CustomAclService, JsonSidConverter.SidProvider

@Service
 @Transactional
public class CustomAclServiceImpl
extends Object
implements CustomAclService

The Class CustomAclServiceImpl.

Nested Class Summary

Nested classes/interfaces inherited from interface org.genesys.blocks.security.service.CustomAclService

CustomAclService.AclObjectIdentityExt

Constructor Summary

Constructors

Constructor and Description
CustomAclServiceImpl()

Method Summary

Modifier and Type	Method and Description
void	cleanupAcl() Cleanup ACL: remove AclEntry and AclObjectIdentity for missing ACL-aware entities, remove obsolete AclClass.
void	createOrUpdatePermissions(AclAwareModel target) Adds the creator permissions or updates permission inheritance.
void	createOrUpdatePermissions(AclAwareModel target, AclSid ownerSid) Adds the creator permissions or updates permission inheritance.
AclSid	ensureAuthoritySid(String authority) Gets (and creates if missing) the sid for the specified authority.
AclObjectIdentity	ensureObjectIdentity(long objectIdIdentity, String className) Ensure object identity.
List<AclEntry>	getAclEntries(AclAwareModel entity) Gets the acl entries.
List<AclEntry>	getAclEntries(AclObjectIdentity objectIdentity) Gets the acl entries.
AclSid	getAuthoritySid(String authority) Gets the sid for the specified authority.
org.springframework.security.acls.model.Permission[]	getAvailablePermissions(String className) Gets the available permissions.
AclObjectIdentity	getObjectIdentity(AclAwareModel entity) Gets the object identity of the entity.
AclObjectIdentity	getObjectIdentity(long id) Get object identity by internal id.
AclObjectIdentity	getObjectIdentity(long id, String className) Gets the object identity for object of type className with specified id.
List<SidPermissions>	getPermissions(AclAwareModel entity) Gets the permissions.
List<SidPermissions>	getPermissions(long id, String className) Gets the permissions.
AclSid	getSid(Long id) Get SID by ID.
Long	getSidId(String sid) Gets the sid id.
String	getSidName(long id) Gets the sid name.
List<AclSid>	getSids(AclAwareModel entity) Gets the sids.
List<AclSid>	getSids(long id, String className) Gets the sids.
List<AclSid>	listAuthoritySids() List authority sids.
List<Long>	listObjectIdentityIdsForSid(Class<? extends AclAwareModel> clazz, AclSid sid, org.springframework.security.acls.model.Permission permission) List IDs of the specified class for the SID with specified permissions.
CustomAclService.AclObjectIdentityExt	loadObjectIdentityExt(AclObjectIdentity objectIdentity) Load object identity extended information.
void	makePubliclyReadable(AclAwareModel entity, boolean publiclyReadable) Make entity publicly readable (or not).
void	removeAclAwareModel(AclAwareModel target) Remove ACL data for AclAwareModel: deletes AclObjectIdentity and associated AclEntry list.
AclSid	removeAuthoritySid(String authority) Removes the sid of the specified authority.
AclObjectIdentity	removePermissions(AclObjectIdentity objectIdentity, AclSid sid) Removes the permissions for SID on ACL OID.
void	removePermissionsFor(AclSid sid) Removes the all permissions of SID.
AclObjectIdentity	setAclParent(AclAwareModel target, AclAwareModel parent) Set ACL parent object for inherited permissions.
AclObjectIdentity	setPermissions(AclAwareModel entity, AclSid sid, Permissions permissions) Update permissions.
AclObjectIdentity	setPermissions(AclObjectIdentity objectIdentity, AclSid sid, Permissions permissions) Update permissions.
AclObjectIdentity	updateInheriting(long objectIdIdentity, boolean entriesInheriting) Updates inheriting status of object identity.
AclObjectIdentity	updateParentObject(long objectIdIdentity, long parentObjectId) Updates parent object of object identity.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CustomAclServiceImpl

public CustomAclServiceImpl()

Method Detail

getSid

@Transactional(readOnly=true)
public AclSid getSid(Long id)

Description copied from interface: CustomAclService

Get SID by ID.

Specified by:

getSid in interface CustomAclService

Parameters:

id - -- ID of an AclSid entity

Returns:

persisted AclSid entity with specified id

getSidName

@Transactional(readOnly=true)
 @Cacheable(cacheNames="aclSidNames",
           key="#id",
           unless="#result == null")
public String getSidName(long id)

Description copied from interface: CustomAclService

Gets the sid name.

Specified by:

getSidName in interface CustomAclService

Specified by:

getSidName in interface JsonSidConverter.SidProvider

Parameters:

id - the id

Returns:

the sid name

getSidId

@Transactional(readOnly=true,
               propagation=REQUIRES_NEW,
               isolation=READ_UNCOMMITTED)
 @Cacheable(cacheNames="aclSidNames",
           key="#sid",
           unless="#result == null")
public Long getSidId(String sid)

Description copied from interface: CustomAclService

Gets the sid id.

Specified by:

getSidId in interface CustomAclService

Parameters:

sid - the sid

Returns:

the sid id

getAuthoritySid

public AclSid getAuthoritySid(String authority)

Description copied from interface: CustomAclService

Gets the sid for the specified authority.

Specified by:

getAuthoritySid in interface CustomAclService

Parameters:

authority - the authority (must start with "ROLE_")

Returns:

the authority sid

ensureAuthoritySid

@Transactional(propagation=REQUIRED)
public AclSid ensureAuthoritySid(String authority)

Description copied from interface: CustomAclService

Gets (and creates if missing) the sid for the specified authority.

Specified by:

ensureAuthoritySid in interface CustomAclService

Parameters:

authority - the authority (must start with "ROLE_")

Returns:

the authority sid

removeAuthoritySid

@Transactional(propagation=REQUIRED)
public AclSid removeAuthoritySid(String authority)

Description copied from interface: CustomAclService

Removes the sid of the specified authority.

Specified by:

removeAuthoritySid in interface CustomAclService

Parameters:

authority - the authority name

Returns:

the acl sid

createOrUpdatePermissions

@Transactional(propagation=REQUIRED)
public void createOrUpdatePermissions(AclAwareModel target,
                                                                           AclSid ownerSid)

Description copied from interface: CustomAclService

Adds the creator permissions or updates permission inheritance.

Specified by:

createOrUpdatePermissions in interface CustomAclService

Parameters:

target - the ACL entity

ownerSid - Owner

createOrUpdatePermissions

@Transactional(propagation=REQUIRED)
public void createOrUpdatePermissions(AclAwareModel target)

Description copied from interface: CustomAclService

Adds the creator permissions or updates permission inheritance.

Specified by:

createOrUpdatePermissions in interface CustomAclService

Parameters:

target - the target

updateInheriting

@PreAuthorize(value="hasRole(\'ADMINISTRATOR\')")
public AclObjectIdentity updateInheriting(long objectIdIdentity,
                                                                                            boolean entriesInheriting)

Description copied from interface: CustomAclService

Updates inheriting status of object identity.

Specified by:

updateInheriting in interface CustomAclService

Parameters:

objectIdIdentity - the id of object identity

entriesInheriting - the inheriting status

Returns:

the acl object identity

setAclParent

@PreAuthorize(value="hasRole(\'ADMINISTRATOR\')")
public AclObjectIdentity setAclParent(AclAwareModel target,
                                                                                        AclAwareModel parent)

Description copied from interface: CustomAclService

Set ACL parent object for inherited permissions.

Specified by:

setAclParent in interface CustomAclService

Parameters:

target - the target ACL object on which to change ACL

parent - the parent ACL object

Returns:

the acl object identity

updateParentObject

@PreAuthorize(value="hasRole(\'ADMINISTRATOR\')")
public AclObjectIdentity updateParentObject(long objectIdIdentity,
                                                                                              long parentObjectId)

Description copied from interface: CustomAclService

Updates parent object of object identity.

Specified by:

updateParentObject in interface CustomAclService

Parameters:

objectIdIdentity - the id of object identity

parentObjectId - the id of parent object identity

Returns:

the acl object identity

removeAclAwareModel

@Transactional(propagation=REQUIRED,
               isolation=READ_UNCOMMITTED)
public void removeAclAwareModel(AclAwareModel target)

Remove ACL data for AclAwareModel: deletes AclObjectIdentity and associated AclEntry list. If target happens to be AclSid, permissions granted to the SID are removed.

Specified by:

removeAclAwareModel in interface CustomAclService

Parameters:

target - the target

removePermissionsFor

@Transactional(propagation=REQUIRED)
public void removePermissionsFor(AclSid sid)

Description copied from interface: CustomAclService

Removes the all permissions of SID.

Specified by:

removePermissionsFor in interface CustomAclService

Parameters:

sid - the sid

loadObjectIdentityExt

@Transactional(readOnly=true)
public CustomAclService.AclObjectIdentityExt loadObjectIdentityExt(AclObjectIdentity objectIdentity)

Description copied from interface: CustomAclService

Load object identity extended information.

Specified by:

loadObjectIdentityExt in interface CustomAclService

Parameters:

objectIdentity - the object identity

Returns:

the acl object identity ext

getObjectIdentity

@Transactional(readOnly=true)
 @PostAuthorize(value="returnObject==null or hasRole(\'ADMINISTRATOR\') or hasPermission(#returnObject.objectIdIdentity, #returnObject.aclClass.aclClass, \'READ\')")
public AclObjectIdentity getObjectIdentity(long id)

Description copied from interface: CustomAclService

Get object identity by internal id.

Specified by:

getObjectIdentity in interface CustomAclService

Parameters:

id - AclObjectIdentity id

Returns:

the object identity

getObjectIdentity

@Transactional(readOnly=true)
 @PreAuthorize(value="hasRole(\'ADMINISTRATOR\') or hasPermission(#id, #className, \'ADMINISTRATION\')")
public AclObjectIdentity getObjectIdentity(long id,
                                                                                                                                                                                  String className)

Description copied from interface: CustomAclService

Gets the object identity for object of type className with specified id.

Specified by:

getObjectIdentity in interface CustomAclService

Parameters:

id - the id

className - the clazz

Returns:

the object identity

getObjectIdentity

@Transactional(readOnly=true)
 @PreAuthorize(value="hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')")
public AclObjectIdentity getObjectIdentity(AclAwareModel entity)

Description copied from interface: CustomAclService

Gets the object identity of the entity.

Specified by:

getObjectIdentity in interface CustomAclService

Parameters:

entity - the entity

Returns:

the object identity

getAvailablePermissions

@Transactional(readOnly=true)
public org.springframework.security.acls.model.Permission[] getAvailablePermissions(String className)

Description copied from interface: CustomAclService

Gets the available permissions.

Specified by:

getAvailablePermissions in interface CustomAclService

Parameters:

className - the class name

Returns:

the available permissions

getPermissions

@Transactional(readOnly=true)
 @PreAuthorize(value="hasRole(\'ADMINISTRATOR\') or hasPermission(#id, #className, \'ADMINISTRATION\')")
public List<SidPermissions> getPermissions(long id,
                                                                                                                                                                                  String className)

Description copied from interface: CustomAclService

Gets the permissions.

Specified by:

getPermissions in interface CustomAclService

Parameters:

id - the id

className - the class name

Returns:

the permissions

getPermissions

@Transactional(readOnly=true)
 @PreAuthorize(value="hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')")
public List<SidPermissions> getPermissions(AclAwareModel entity)

Description copied from interface: CustomAclService

Gets the permissions.

Specified by:

getPermissions in interface CustomAclService

Parameters:

entity - the entity

Returns:

the permissions

setPermissions

@Transactional(propagation=REQUIRED,
               isolation=READ_UNCOMMITTED)
 @PreAuthorize(value="hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')")
public AclObjectIdentity setPermissions(AclAwareModel entity,
                                                                                                                                                                                                                         AclSid sid,
                                                                                                                                                                                                                         Permissions permissions)

Description copied from interface: CustomAclService

Update permissions.

Specified by:

setPermissions in interface CustomAclService

Parameters:

entity - the entity

sid - the sid

permissions - the permissions

Returns:

the acl object identity

setPermissions

@Transactional(propagation=REQUIRED,
               isolation=READ_UNCOMMITTED)
 @PreAuthorize(value="hasRole(\'ADMINISTRATOR\') or hasPermission(#objectIdentity.objectIdIdentity, #objectIdentity.aclClass.aclClass, \'ADMINISTRATION\')")
public AclObjectIdentity setPermissions(AclObjectIdentity objectIdentity,
                                                                                                                                                                                                                                                                                     AclSid sid,
                                                                                                                                                                                                                                                                                     Permissions permissions)

Description copied from interface: CustomAclService

Update permissions.

Specified by:

setPermissions in interface CustomAclService

Parameters:

objectIdentity - the object identity

sid - the sid

permissions - the permissions

Returns:

the acl object identity

removePermissions

@Transactional(propagation=REQUIRED,
               isolation=READ_UNCOMMITTED)
public AclObjectIdentity removePermissions(AclObjectIdentity objectIdentity,
                                                                                                                           AclSid sid)

Description copied from interface: CustomAclService

Removes the permissions for SID on ACL OID.

Specified by:

removePermissions in interface CustomAclService

Parameters:

objectIdentity - the object identity

sid - the acl sid

Returns:

the acl object identity

getAclEntries

@Transactional(readOnly=true)
 @PreAuthorize(value="hasRole(\'ADMINISTRATOR\') or hasPermission(#objectIdentity.objectIdIdentity, #objectIdentity.aclClass.aclClass, \'ADMINISTRATION\')")
public List<AclEntry> getAclEntries(AclObjectIdentity objectIdentity)

Description copied from interface: CustomAclService

Gets the acl entries.

Specified by:

getAclEntries in interface CustomAclService

Parameters:

objectIdentity - the object identity

Returns:

the acl entries

getAclEntries

@Transactional(readOnly=true)
 @PreAuthorize(value="hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')")
public List<AclEntry> getAclEntries(AclAwareModel entity)

Description copied from interface: CustomAclService

Gets the acl entries.

Specified by:

getAclEntries in interface CustomAclService

Parameters:

entity - the entity

Returns:

the acl entries

getSids

@Transactional(readOnly=true)
 @PreAuthorize(value="hasRole(\'ADMINISTRATOR\') or hasPermission(#id, #className, \'ADMINISTRATION\')")
public List<AclSid> getSids(long id,
                                                                                                                                                                   String className)

Description copied from interface: CustomAclService

Gets the sids.

Specified by:

getSids in interface CustomAclService

Parameters:

id - the id

className - the class name

Returns:

the sids

getSids

@Transactional(readOnly=true)
 @PreAuthorize(value="hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')")
public List<AclSid> getSids(AclAwareModel entity)

Description copied from interface: CustomAclService

Gets the sids.

Specified by:

getSids in interface CustomAclService

Parameters:

entity - the entity

Returns:

the sids

listAuthoritySids

@Transactional(readOnly=true)
public List<AclSid> listAuthoritySids()

Description copied from interface: CustomAclService

List authority sids.

Specified by:

listAuthoritySids in interface CustomAclService

Returns:

the list of AclSid for authorities

ensureObjectIdentity

@Transactional(propagation=REQUIRED,
               isolation=READ_UNCOMMITTED)
public AclObjectIdentity ensureObjectIdentity(long objectIdIdentity,
                                                                                                                              String className)

Description copied from interface: CustomAclService

Ensure object identity.

Specified by:

ensureObjectIdentity in interface CustomAclService

Parameters:

objectIdIdentity - the object id identity

className - the class name

Returns:

the acl object identity

listObjectIdentityIdsForSid

@Transactional(readOnly=true)
public List<Long> listObjectIdentityIdsForSid(Class<? extends AclAwareModel> clazz,
                                                                            AclSid sid,
                                                                            org.springframework.security.acls.model.Permission permission)

Description copied from interface: CustomAclService

List IDs of the specified class for the SID with specified permissions.

Specified by:

listObjectIdentityIdsForSid in interface CustomAclService

Parameters:

clazz - the clazz

sid - the sid

permission - the permission

Returns:

the list

makePubliclyReadable

@Transactional(propagation=REQUIRED,
               isolation=READ_UNCOMMITTED)
 @PreAuthorize(value="hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')")
public void makePubliclyReadable(AclAwareModel entity,
                                                                                                                                                                                                                  boolean publiclyReadable)

Description copied from interface: CustomAclService

Make entity publicly readable (or not).

Specified by:

makePubliclyReadable in interface CustomAclService

Parameters:

entity - The entity

publiclyReadable - true or false?

cleanupAcl

@Transactional
public void cleanupAcl()

Description copied from interface: CustomAclService

Cleanup ACL: remove AclEntry and AclObjectIdentity for missing ACL-aware entities, remove obsolete AclClass.

Specified by:

cleanupAcl in interface CustomAclService