Package org.genesys.blocks.security.service.impl

Class CustomAclServiceImpl

java.lang.Object
org.genesys.blocks.security.service.impl.CustomAclServiceImpl
All Implemented Interfaces:
CustomAclService, JsonSidConverter.SidProvider
@Service @Transactional public class CustomAclServiceImpl extends Object implements CustomAclService
The Class CustomAclServiceImpl.

  • Field Details

    • CACHE_SID_NAMES

      public static final String CACHE_SID_NAMES
      The name of the cache holding SID id-to-name mappings.
      See Also:

  • Constructor Details

    • CustomAclServiceImpl

      public CustomAclServiceImpl()

  • Method Details

    • getSid

      @Transactional(readOnly=true) public AclSid getSid(Long id)
      Description copied from interface: CustomAclService
      Get SID by ID.
      Specified by:
      getSid in interface CustomAclService
      Parameters:
      id - -- ID of an AclSid entity
      Returns:
      persisted AclSid entity with specified id

    • getSidName

      @Transactional(readOnly=true) @Cacheable(cacheNames="aclSidNames", key="#id", unless="#result == null") public String getSidName(long id)
      Description copied from interface: CustomAclService
      Gets the sid name.
      Specified by:
      getSidName in interface CustomAclService
      Specified by:
      getSidName in interface JsonSidConverter.SidProvider
      Parameters:
      id - the id
      Returns:
      the sid name

    • getSidId

      @Transactional(readOnly=true, propagation=REQUIRES_NEW, isolation=READ_UNCOMMITTED) @Cacheable(cacheNames="aclSidNames", key="#sid", unless="#result == null") public Long getSidId(String sid)
      Description copied from interface: CustomAclService
      Gets the sid id.
      Specified by:
      getSidId in interface CustomAclService
      Parameters:
      sid - the sid
      Returns:
      the sid id

    • getAuthoritySid

      public AclSid getAuthoritySid(String authority)
      Description copied from interface: CustomAclService
      Gets the sid for the specified authority.
      Specified by:
      getAuthoritySid in interface CustomAclService
      Parameters:
      authority - the authority (must start with "ROLE_")
      Returns:
      the authority sid

    • ensureAuthoritySid

      @Transactional(propagation=REQUIRED) public AclSid ensureAuthoritySid(String authority)
      Description copied from interface: CustomAclService
      Gets (and creates if missing) the sid for the specified authority.
      Specified by:
      ensureAuthoritySid in interface CustomAclService
      Parameters:
      authority - the authority (must start with "ROLE_")
      Returns:
      the authority sid

    • removeAuthoritySid

      @Transactional(propagation=REQUIRED) public AclSid removeAuthoritySid(String authority)
      Description copied from interface: CustomAclService
      Removes the sid of the specified authority.
      Specified by:
      removeAuthoritySid in interface CustomAclService
      Parameters:
      authority - the authority name
      Returns:
      the acl sid

    • createOrUpdatePermissions

      @Transactional(propagation=REQUIRED) public AclObjectIdentity createOrUpdatePermissions(AclAwareModel target, AclSid ownerSid)
      Description copied from interface: CustomAclService
      Adds the creator permissions or updates permission inheritance.
      Specified by:
      createOrUpdatePermissions in interface CustomAclService
      Parameters:
      target - the ACL entity
      ownerSid - Owner
      Returns:
      the acl object identity

    • createOrUpdatePermissions

      @Transactional(propagation=REQUIRED) public AclObjectIdentity createOrUpdatePermissions(AclAwareModel target)
      Description copied from interface: CustomAclService
      Adds the creator permissions or updates permission inheritance.
      Specified by:
      createOrUpdatePermissions in interface CustomAclService
      Parameters:
      target - the target
      Returns:
      the acl object identity

    • updateInheriting

      @PreAuthorize("hasRole(\'ADMINISTRATOR\')") public AclObjectIdentity updateInheriting(long objectIdIdentity, boolean entriesInheriting)
      Description copied from interface: CustomAclService
      Updates inheriting status of object identity.
      Specified by:
      updateInheriting in interface CustomAclService
      Parameters:
      objectIdIdentity - the id of object identity
      entriesInheriting - the inheriting status
      Returns:
      the acl object identity

    • setAclParent

      @PreAuthorize("hasRole(\'ADMINISTRATOR\')") public AclObjectIdentity setAclParent(AclAwareModel target, AclAwareModel parent)
      Description copied from interface: CustomAclService
      Set ACL parent object for inherited permissions.
      Specified by:
      setAclParent in interface CustomAclService
      Parameters:
      target - the target ACL object on which to change ACL
      parent - the parent ACL object
      Returns:
      the acl object identity

    • updateParentObject

      @PreAuthorize("hasRole(\'ADMINISTRATOR\')") public AclObjectIdentity updateParentObject(long objectIdIdentity, long parentObjectId)
      Description copied from interface: CustomAclService
      Updates parent object of object identity.
      Specified by:
      updateParentObject in interface CustomAclService
      Parameters:
      objectIdIdentity - the id of object identity
      parentObjectId - the id of parent object identity
      Returns:
      the acl object identity

    • removeAclAwareModel

      @Transactional(propagation=REQUIRED, isolation=READ_UNCOMMITTED) public void removeAclAwareModel(AclAwareModel target)
      Remove ACL data for AclAwareModel: deletes AclObjectIdentity and associated AclEntry list. If target happens to be AclSid, permissions granted to the SID are removed.
      Specified by:
      removeAclAwareModel in interface CustomAclService
      Parameters:
      target - the target

    • removePermissionsFor

      @Transactional(propagation=REQUIRED) public void removePermissionsFor(AclSid sid)
      Description copied from interface: CustomAclService
      Removes the all permissions of SID.
      Specified by:
      removePermissionsFor in interface CustomAclService
      Parameters:
      sid - the sid

    • loadObjectIdentityExt

      @Transactional(readOnly=true) public CustomAclService.AclObjectIdentityExt loadObjectIdentityExt(AclObjectIdentity objectIdentity)
      Description copied from interface: CustomAclService
      Load object identity extended information.
      Specified by:
      loadObjectIdentityExt in interface CustomAclService
      Parameters:
      objectIdentity - the object identity
      Returns:
      the acl object identity ext

    • getObjectIdentity

      @Transactional(readOnly=true) @PostAuthorize("returnObject==null or hasRole(\'ADMINISTRATOR\') or hasPermission(returnObject.objectIdIdentity, returnObject.aclClass.aclClass, \'READ\')") public AclObjectIdentity getObjectIdentity(long id)
      Description copied from interface: CustomAclService
      Get object identity by internal id.
      Specified by:
      getObjectIdentity in interface CustomAclService
      Parameters:
      id - AclObjectIdentity id
      Returns:
      the object identity

    • getObjectIdentity

      @Transactional(readOnly=true) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#id, #className, \'ADMINISTRATION\')") public AclObjectIdentity getObjectIdentity(long id, String className)
      Description copied from interface: CustomAclService
      Gets the object identity for object of type className with specified id.
      Specified by:
      getObjectIdentity in interface CustomAclService
      Parameters:
      id - the id
      className - the clazz
      Returns:
      the object identity

    • getObjectIdentity

      @Transactional(readOnly=true) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')") public AclObjectIdentity getObjectIdentity(AclAwareModel entity)
      Description copied from interface: CustomAclService
      Gets the object identity of the entity.
      Specified by:
      getObjectIdentity in interface CustomAclService
      Parameters:
      entity - the entity
      Returns:
      the object identity

    • getAvailablePermissions

      @Transactional(readOnly=true) public org.springframework.security.acls.model.Permission[] getAvailablePermissions(String className)
      Description copied from interface: CustomAclService
      Gets the available permissions.
      Specified by:
      getAvailablePermissions in interface CustomAclService
      Parameters:
      className - the class name
      Returns:
      the available permissions

    • getPermissions

      @Transactional(readOnly=true) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#id, #className, \'ADMINISTRATION\')") public List<SidPermissions> getPermissions(long id, String className)
      Description copied from interface: CustomAclService
      Gets the permissions.
      Specified by:
      getPermissions in interface CustomAclService
      Parameters:
      id - the id
      className - the class name
      Returns:
      the permissions

    • getPermissions

      @Transactional(readOnly=true) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')") public List<SidPermissions> getPermissions(AclAwareModel entity)
      Description copied from interface: CustomAclService
      Gets the permissions.
      Specified by:
      getPermissions in interface CustomAclService
      Parameters:
      entity - the entity
      Returns:
      the permissions

    • setPermissions

      @Transactional(propagation=REQUIRED, isolation=READ_UNCOMMITTED) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')") public AclObjectIdentity setPermissions(AclAwareModel entity, AclSid sid, Permissions permissions)
      Description copied from interface: CustomAclService
      Update permissions.
      Specified by:
      setPermissions in interface CustomAclService
      Parameters:
      entity - the entity
      sid - the sid
      permissions - the permissions
      Returns:
      the acl object identity

    • setPermissions

      @Transactional(propagation=REQUIRED, isolation=READ_UNCOMMITTED) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#objectIdentity.objectIdIdentity, #objectIdentity.aclClass.aclClass, \'ADMINISTRATION\')") public AclObjectIdentity setPermissions(AclObjectIdentity objectIdentity, AclSid sid, Permissions permissions)
      Description copied from interface: CustomAclService
      Update permissions.
      Specified by:
      setPermissions in interface CustomAclService
      Parameters:
      objectIdentity - the object identity
      sid - the sid
      permissions - the permissions
      Returns:
      the acl object identity

    • removePermissions

      @Transactional(propagation=REQUIRED, isolation=READ_UNCOMMITTED) public AclObjectIdentity removePermissions(AclObjectIdentity objectIdentity, AclSid sid)
      Description copied from interface: CustomAclService
      Removes the permissions for SID on ACL OID.
      Specified by:
      removePermissions in interface CustomAclService
      Parameters:
      objectIdentity - the object identity
      sid - the acl sid
      Returns:
      the acl object identity

    • getAclEntries

      @Transactional(readOnly=true) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#objectIdentity.objectIdIdentity, #objectIdentity.aclClass.aclClass, \'ADMINISTRATION\')") public List<AclEntry> getAclEntries(AclObjectIdentity objectIdentity)
      Description copied from interface: CustomAclService
      Gets the acl entries.
      Specified by:
      getAclEntries in interface CustomAclService
      Parameters:
      objectIdentity - the object identity
      Returns:
      the acl entries

    • getAclEntries

      @Transactional(readOnly=true) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')") public List<AclEntry> getAclEntries(AclAwareModel entity)
      Description copied from interface: CustomAclService
      Gets the acl entries.
      Specified by:
      getAclEntries in interface CustomAclService
      Parameters:
      entity - the entity
      Returns:
      the acl entries

    • getSids

      @Transactional(readOnly=true) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#id, #className, \'ADMINISTRATION\')") public List<AclSid> getSids(long id, String className)
      Description copied from interface: CustomAclService
      Gets the sids.
      Specified by:
      getSids in interface CustomAclService
      Parameters:
      id - the id
      className - the class name
      Returns:
      the sids

    • getSids

      @Transactional(readOnly=true) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')") public List<AclSid> getSids(AclAwareModel entity)
      Description copied from interface: CustomAclService
      Gets the sids.
      Specified by:
      getSids in interface CustomAclService
      Parameters:
      entity - the entity
      Returns:
      the sids

    • listAuthoritySids

      @Transactional(readOnly=true) public List<AclSid> listAuthoritySids()
      Description copied from interface: CustomAclService
      List authority sids.
      Specified by:
      listAuthoritySids in interface CustomAclService
      Returns:
      the list of AclSid for authorities

    • ensureObjectIdentity

      @Transactional(propagation=REQUIRED, isolation=READ_UNCOMMITTED) public AclObjectIdentity ensureObjectIdentity(long objectIdIdentity, String className)
      Description copied from interface: CustomAclService
      Ensure object identity.
      Specified by:
      ensureObjectIdentity in interface CustomAclService
      Parameters:
      objectIdIdentity - the object id identity
      className - the class name
      Returns:
      the acl object identity

    • listObjectIdentityIdsForSid

      @Transactional(readOnly=true) public List<Long> listObjectIdentityIdsForSid(Class<? extends AclAwareModel> clazz, AclSid sid, org.springframework.security.acls.model.Permission permission)
      Description copied from interface: CustomAclService
      List IDs of the specified class for the SID with specified permissions.
      Specified by:
      listObjectIdentityIdsForSid in interface CustomAclService
      Parameters:
      clazz - the clazz
      sid - the sid
      permission - the permission
      Returns:
      the list

    • makePubliclyReadable

      @Transactional(propagation=REQUIRED, isolation=READ_UNCOMMITTED) @PreAuthorize("hasRole(\'ADMINISTRATOR\') or hasPermission(#entity, \'ADMINISTRATION\')") public void makePubliclyReadable(AclAwareModel entity, boolean publiclyReadable)
      Description copied from interface: CustomAclService
      Make entity publicly readable (or not).
      Specified by:
      makePubliclyReadable in interface CustomAclService
      Parameters:
      entity - The entity
      publiclyReadable - true or false?

    • cleanupAcl

      @Transactional public void cleanupAcl()
      Description copied from interface: CustomAclService
      Cleanup ACL: remove AclEntry and AclObjectIdentity for missing ACL-aware entities, remove obsolete AclClass.
      Specified by:
      cleanupAcl in interface CustomAclService