Class CustomAclServiceImpl
- java.lang.Object
-
- org.genesys.blocks.security.service.impl.CustomAclServiceImpl
-
- All Implemented Interfaces:
CustomAclService,JsonSidConverter.SidProvider
@Service @Transactional public class CustomAclServiceImpl extends Object implements CustomAclService
The Class CustomAclServiceImpl.
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.genesys.blocks.security.service.CustomAclService
CustomAclService.AclObjectIdentityExt
-
-
Field Summary
Fields Modifier and Type Field Description static StringCACHE_SID_NAMES
-
Constructor Summary
Constructors Constructor Description CustomAclServiceImpl()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidcleanupAcl()Cleanup ACL: removeAclEntryandAclObjectIdentityfor missing ACL-aware entities, remove obsoleteAclClass.AclObjectIdentitycreateOrUpdatePermissions(AclAwareModel target)Adds the creator permissions or updates permission inheritance.AclObjectIdentitycreateOrUpdatePermissions(AclAwareModel target, AclSid ownerSid)Adds the creator permissions or updates permission inheritance.AclSidensureAuthoritySid(String authority)Gets (and creates if missing) the sid for the specified authority.AclObjectIdentityensureObjectIdentity(long objectIdIdentity, String className)Ensure object identity.List<AclEntry>getAclEntries(AclAwareModel entity)Gets the acl entries.List<AclEntry>getAclEntries(AclObjectIdentity objectIdentity)Gets the acl entries.AclSidgetAuthoritySid(String authority)Gets the sid for the specified authority.org.springframework.security.acls.model.Permission[]getAvailablePermissions(String className)Gets the available permissions.AclObjectIdentitygetObjectIdentity(long id)Get object identity by internal id.AclObjectIdentitygetObjectIdentity(long id, String className)Gets the object identity for object of type className with specified id.AclObjectIdentitygetObjectIdentity(AclAwareModel entity)Gets the object identity of the entity.List<SidPermissions>getPermissions(long id, String className)Gets the permissions.List<SidPermissions>getPermissions(AclAwareModel entity)Gets the permissions.AclSidgetSid(Long id)Get SID by ID.LonggetSidId(String sid)Gets the sid id.StringgetSidName(long id)Gets the sid name.List<AclSid>getSids(long id, String className)Gets the sids.List<AclSid>getSids(AclAwareModel entity)Gets the sids.List<AclSid>listAuthoritySids()List authority sids.List<Long>listObjectIdentityIdsForSid(Class<? extends AclAwareModel> clazz, AclSid sid, org.springframework.security.acls.model.Permission permission)List IDs of the specified class for the SID with specified permissions.CustomAclService.AclObjectIdentityExtloadObjectIdentityExt(AclObjectIdentity objectIdentity)Load object identity extended information.voidmakePubliclyReadable(AclAwareModel entity, boolean publiclyReadable)Make entity publicly readable (or not).voidremoveAclAwareModel(AclAwareModel target)Remove ACL data for AclAwareModel: deletesAclObjectIdentityand associatedAclEntrylist.AclSidremoveAuthoritySid(String authority)Removes the sid of the specified authority.AclObjectIdentityremovePermissions(AclObjectIdentity objectIdentity, AclSid sid)Removes the permissions for SID on ACL OID.voidremovePermissionsFor(AclSid sid)Removes the all permissions of SID.AclObjectIdentitysetAclParent(AclAwareModel target, AclAwareModel parent)Set ACL parent object for inherited permissions.AclObjectIdentitysetPermissions(AclAwareModel entity, AclSid sid, Permissions permissions)Update permissions.AclObjectIdentitysetPermissions(AclObjectIdentity objectIdentity, AclSid sid, Permissions permissions)Update permissions.AclObjectIdentityupdateInheriting(long objectIdIdentity, boolean entriesInheriting)Updates inheriting status of object identity.AclObjectIdentityupdateParentObject(long objectIdIdentity, long parentObjectId)Updates parent object of object identity.
-
-
-
Field Detail
-
CACHE_SID_NAMES
public static final String CACHE_SID_NAMES
- See Also:
- Constant Field Values
-
-
Method Detail
-
getSid
@Transactional(readOnly=true) public AclSid getSid(Long id)
Description copied from interface:CustomAclServiceGet SID by ID.- Specified by:
getSidin interfaceCustomAclService- Parameters:
id- -- ID of an AclSid entity- Returns:
- persisted AclSid entity with specified id
-
getSidName
@Transactional(readOnly=true) @Cacheable(cacheNames="aclSidNames", key="#id", unless="#result == null") public String getSidName(long id)Description copied from interface:CustomAclServiceGets the sid name.- Specified by:
getSidNamein interfaceCustomAclService- Specified by:
getSidNamein interfaceJsonSidConverter.SidProvider- Parameters:
id- the id- Returns:
- the sid name
-
getSidId
@Transactional(readOnly=true, propagation=REQUIRES_NEW, isolation=READ_UNCOMMITTED) @Cacheable(cacheNames="aclSidNames", key="#sid", unless="#result == null") public Long getSidId(String sid)Description copied from interface:CustomAclServiceGets the sid id.- Specified by:
getSidIdin interfaceCustomAclService- Parameters:
sid- the sid- Returns:
- the sid id
-
getAuthoritySid
public AclSid getAuthoritySid(String authority)
Description copied from interface:CustomAclServiceGets the sid for the specified authority.- Specified by:
getAuthoritySidin interfaceCustomAclService- Parameters:
authority- the authority (must start with "ROLE_")- Returns:
- the authority sid
-
ensureAuthoritySid
@Transactional(propagation=REQUIRED) public AclSid ensureAuthoritySid(String authority)
Description copied from interface:CustomAclServiceGets (and creates if missing) the sid for the specified authority.- Specified by:
ensureAuthoritySidin interfaceCustomAclService- Parameters:
authority- the authority (must start with "ROLE_")- Returns:
- the authority sid
-
removeAuthoritySid
@Transactional(propagation=REQUIRED) public AclSid removeAuthoritySid(String authority)
Description copied from interface:CustomAclServiceRemoves the sid of the specified authority.- Specified by:
removeAuthoritySidin interfaceCustomAclService- Parameters:
authority- the authority name- Returns:
- the acl sid
-
createOrUpdatePermissions
@Transactional(propagation=REQUIRED) public AclObjectIdentity createOrUpdatePermissions(AclAwareModel target, AclSid ownerSid)
Description copied from interface:CustomAclServiceAdds the creator permissions or updates permission inheritance.- Specified by:
createOrUpdatePermissionsin interfaceCustomAclService- Parameters:
target- the ACL entityownerSid- Owner- Returns:
- the acl object identity
-
createOrUpdatePermissions
@Transactional(propagation=REQUIRED) public AclObjectIdentity createOrUpdatePermissions(AclAwareModel target)
Description copied from interface:CustomAclServiceAdds the creator permissions or updates permission inheritance.- Specified by:
createOrUpdatePermissionsin interfaceCustomAclService- Parameters:
target- the target- Returns:
- the acl object identity
-
updateInheriting
@PreAuthorize("hasRole(\'ADMINISTRATOR\')") public AclObjectIdentity updateInheriting(long objectIdIdentity, boolean entriesInheriting)Description copied from interface:CustomAclServiceUpdates inheriting status of object identity.- Specified by:
updateInheritingin interfaceCustomAclService- Parameters:
objectIdIdentity- the id of object identityentriesInheriting- the inheriting status- Returns:
- the acl object identity
-
setAclParent
@PreAuthorize("hasRole(\'ADMINISTRATOR\')") public AclObjectIdentity setAclParent(AclAwareModel target, AclAwareModel parent)Description copied from interface:CustomAclServiceSet ACL parent object for inherited permissions.- Specified by:
setAclParentin interfaceCustomAclService- Parameters:
target- the target ACL object on which to change ACLparent- the parent ACL object- Returns:
- the acl object identity
-
updateParentObject
@PreAuthorize("hasRole(\'ADMINISTRATOR\')") public AclObjectIdentity updateParentObject(long objectIdIdentity, long parentObjectId)Description copied from interface:CustomAclServiceUpdates parent object of object identity.- Specified by:
updateParentObjectin interfaceCustomAclService- Parameters:
objectIdIdentity- the id of object identityparentObjectId- the id of parent object identity- Returns:
- the acl object identity
-
removeAclAwareModel
@Transactional(propagation=REQUIRED, isolation=READ_UNCOMMITTED) public void removeAclAwareModel(AclAwareModel target)Remove ACL data for AclAwareModel: deletesAclObjectIdentityand associatedAclEntrylist. If target happens to beAclSid, permissions granted to the SID are removed.- Specified by:
removeAclAwareModelin interfaceCustomAclService- Parameters:
target- the target
-
removePermissionsFor
@Transactional(propagation=REQUIRED) public void removePermissionsFor(AclSid sid)
Description copied from interface:CustomAclServiceRemoves the all permissions of SID.- Specified by:
removePermissionsForin interfaceCustomAclService- Parameters:
sid- the sid
-
loadObjectIdentityExt
@Transactional(readOnly=true) public CustomAclService.AclObjectIdentityExt loadObjectIdentityExt(AclObjectIdentity objectIdentity)
Description copied from interface:CustomAclServiceLoad object identity extended information.- Specified by:
loadObjectIdentityExtin interfaceCustomAclService- Parameters:
objectIdentity- the object identity- Returns:
- the acl object identity ext
-
getObjectIdentity
@Transactional(readOnly=true) @PostAuthorize("returnObject==null or hasRole(\'ADMINISTRATOR\') or hasPermission(returnObject.objectIdIdentity, returnObject.aclClass.aclClass, \'READ\')") public AclObjectIdentity getObjectIdentity(long id)Description copied from interface:CustomAclServiceGet object identity by internal id.- Specified by:
getObjectIdentityin interfaceCustomAclService- Parameters:
id- AclObjectIdentity id- Returns:
- the object identity
-
getObjectIdentity
@Transactional(readOnly=true) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#id, #className, \'ADMINISTRATION\')") public AclObjectIdentity getObjectIdentity(long id, String className)Description copied from interface:CustomAclServiceGets the object identity for object of type className with specified id.- Specified by:
getObjectIdentityin interfaceCustomAclService- Parameters:
id- the idclassName- the clazz- Returns:
- the object identity
-
getObjectIdentity
@Transactional(readOnly=true) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')") public AclObjectIdentity getObjectIdentity(AclAwareModel entity)Description copied from interface:CustomAclServiceGets the object identity of the entity.- Specified by:
getObjectIdentityin interfaceCustomAclService- Parameters:
entity- the entity- Returns:
- the object identity
-
getAvailablePermissions
@Transactional(readOnly=true) public org.springframework.security.acls.model.Permission[] getAvailablePermissions(String className)
Description copied from interface:CustomAclServiceGets the available permissions.- Specified by:
getAvailablePermissionsin interfaceCustomAclService- Parameters:
className- the class name- Returns:
- the available permissions
-
getPermissions
@Transactional(readOnly=true) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#id, #className, \'ADMINISTRATION\')") public List<SidPermissions> getPermissions(long id, String className)Description copied from interface:CustomAclServiceGets the permissions.- Specified by:
getPermissionsin interfaceCustomAclService- Parameters:
id- the idclassName- the class name- Returns:
- the permissions
-
getPermissions
@Transactional(readOnly=true) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')") public List<SidPermissions> getPermissions(AclAwareModel entity)Description copied from interface:CustomAclServiceGets the permissions.- Specified by:
getPermissionsin interfaceCustomAclService- Parameters:
entity- the entity- Returns:
- the permissions
-
setPermissions
@Transactional(propagation=REQUIRED, isolation=READ_UNCOMMITTED) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')") public AclObjectIdentity setPermissions(AclAwareModel entity, AclSid sid, Permissions permissions)Description copied from interface:CustomAclServiceUpdate permissions.- Specified by:
setPermissionsin interfaceCustomAclService- Parameters:
entity- the entitysid- the sidpermissions- the permissions- Returns:
- the acl object identity
-
setPermissions
@Transactional(propagation=REQUIRED, isolation=READ_UNCOMMITTED) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#objectIdentity.objectIdIdentity, #objectIdentity.aclClass.aclClass, \'ADMINISTRATION\')") public AclObjectIdentity setPermissions(AclObjectIdentity objectIdentity, AclSid sid, Permissions permissions)Description copied from interface:CustomAclServiceUpdate permissions.- Specified by:
setPermissionsin interfaceCustomAclService- Parameters:
objectIdentity- the object identitysid- the sidpermissions- the permissions- Returns:
- the acl object identity
-
removePermissions
@Transactional(propagation=REQUIRED, isolation=READ_UNCOMMITTED) public AclObjectIdentity removePermissions(AclObjectIdentity objectIdentity, AclSid sid)Description copied from interface:CustomAclServiceRemoves the permissions for SID on ACL OID.- Specified by:
removePermissionsin interfaceCustomAclService- Parameters:
objectIdentity- the object identitysid- the acl sid- Returns:
- the acl object identity
-
getAclEntries
@Transactional(readOnly=true) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#objectIdentity.objectIdIdentity, #objectIdentity.aclClass.aclClass, \'ADMINISTRATION\')") public List<AclEntry> getAclEntries(AclObjectIdentity objectIdentity)Description copied from interface:CustomAclServiceGets the acl entries.- Specified by:
getAclEntriesin interfaceCustomAclService- Parameters:
objectIdentity- the object identity- Returns:
- the acl entries
-
getAclEntries
@Transactional(readOnly=true) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')") public List<AclEntry> getAclEntries(AclAwareModel entity)Description copied from interface:CustomAclServiceGets the acl entries.- Specified by:
getAclEntriesin interfaceCustomAclService- Parameters:
entity- the entity- Returns:
- the acl entries
-
getSids
@Transactional(readOnly=true) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#id, #className, \'ADMINISTRATION\')") public List<AclSid> getSids(long id, String className)Description copied from interface:CustomAclServiceGets the sids.- Specified by:
getSidsin interfaceCustomAclService- Parameters:
id- the idclassName- the class name- Returns:
- the sids
-
getSids
@Transactional(readOnly=true) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')") public List<AclSid> getSids(AclAwareModel entity)Description copied from interface:CustomAclServiceGets the sids.- Specified by:
getSidsin interfaceCustomAclService- Parameters:
entity- the entity- Returns:
- the sids
-
listAuthoritySids
@Transactional(readOnly=true) public List<AclSid> listAuthoritySids()
Description copied from interface:CustomAclServiceList authority sids.- Specified by:
listAuthoritySidsin interfaceCustomAclService- Returns:
- the list of
AclSidfor authorities
-
ensureObjectIdentity
@Transactional(propagation=REQUIRED, isolation=READ_UNCOMMITTED) public AclObjectIdentity ensureObjectIdentity(long objectIdIdentity, String className)Description copied from interface:CustomAclServiceEnsure object identity.- Specified by:
ensureObjectIdentityin interfaceCustomAclService- Parameters:
objectIdIdentity- the object id identityclassName- the class name- Returns:
- the acl object identity
-
listObjectIdentityIdsForSid
@Transactional(readOnly=true) public List<Long> listObjectIdentityIdsForSid(Class<? extends AclAwareModel> clazz, AclSid sid, org.springframework.security.acls.model.Permission permission)
Description copied from interface:CustomAclServiceList IDs of the specified class for the SID with specified permissions.- Specified by:
listObjectIdentityIdsForSidin interfaceCustomAclService- Parameters:
clazz- the clazzsid- the sidpermission- the permission- Returns:
- the list
-
makePubliclyReadable
@Transactional(propagation=REQUIRED, isolation=READ_UNCOMMITTED) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')") public void makePubliclyReadable(AclAwareModel entity, boolean publiclyReadable)Description copied from interface:CustomAclServiceMake entity publicly readable (or not).- Specified by:
makePubliclyReadablein interfaceCustomAclService- Parameters:
entity- The entitypubliclyReadable- true or false?
-
cleanupAcl
@Transactional public void cleanupAcl()
Description copied from interface:CustomAclServiceCleanup ACL: removeAclEntryandAclObjectIdentityfor missing ACL-aware entities, remove obsoleteAclClass.- Specified by:
cleanupAclin interfaceCustomAclService
-
-