Package org.ametys.plugins.repository.jcr

Class ACLJCRAmetysObjectHelper

java.lang.Object

org.ametys.plugins.repository.jcr.ACLJCRAmetysObjectHelper

All Implemented Interfaces:

LogEnabled, Component, Serviceable

public class ACLJCRAmetysObjectHelper
extends Object
implements Component, Serviceable, LogEnabled

Helper for implementing ModifiableACLAmetysObject in JCR under its node.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
(package private) static class	ACLJCRAmetysObjectHelper.ACLProfileExpression
(package private) static class	ACLJCRAmetysObjectHelper.AllowedProfileExpression
(package private) static class	ACLJCRAmetysObjectHelper.AnonymousAllowedProfileExpression
(package private) static class	ACLJCRAmetysObjectHelper.AnonymousDeniedProfileExpression
(package private) static class	ACLJCRAmetysObjectHelper.AnyConnectedAllowedProfileExpression
(package private) static class	ACLJCRAmetysObjectHelper.AnyConnectedDeniedProfileExpression
(package private) static class	ACLJCRAmetysObjectHelper.DeniedProfileExpression

Field Summary

Fields

Modifier and Type	Field	Description
private static Map<ProfileAssignmentStorage.AnonymousOrAnyConnectedKeys,Set<String>>	__ANONYMOUS_OR_ANYCONNECTEDUSER_NORIGHT
private static String	__NODE_NAME_ACL_GROUPS
private static String	__NODE_NAME_ACL_USERS
private static String	__NODE_NAME_ROOT_ACL
private static String	__NODETYPE_ACL_GROUP
private static String	__NODETYPE_ACL_USER
private static String	__NODETYPE_ROOT_ACL
private static String	__NODETYPE_UNSTRUCTURED
private static String	__PROPERTY_NAME_ALLOWED_ANONYMOUS_PROFILES
private static String	__PROPERTY_NAME_ALLOWED_ANY_CONNECTED_PROFILES
private static String	__PROPERTY_NAME_ALLOWED_PROFILES
private static String	__PROPERTY_NAME_DENIED_ANONYMOUS_PROFILES
private static String	__PROPERTY_NAME_DENIED_ANY_CONNECTED_PROFILES
private static String	__PROPERTY_NAME_DENIED_PROFILES
private static String	__PROPERTY_NAME_DISALLOW_INHERITANCE
private static Map<ProfileAssignmentStorage.UserOrGroup,Set<String>>	__USER_OR_GROUP_NORIGHT
private static org.slf4j.Logger	_logger
protected static Repository	_repository	The repository
protected static AmetysObjectResolver	_resolver	The AmetysObject resolver

Constructor Summary

Constructors

Constructor	Description
ACLJCRAmetysObjectHelper()

Method Summary

Modifier and Type	Method	Description
private static void	_addProperty(Node node, String propertyName, String profileToAdd)
private static void	_checkLock(Node node)
private static Set<String>	_convertNodeToPath(Set<? extends Object> rootNodes)
private static Node	_getACLNode(Node node)
private static NodeIterator	_getApprochingACLGroups(Set<GroupIdentity> groups, String rootPath, Expression predicat)
private static Node	_getGroupsNode(Node node)
private static Node	_getOrCreateACLNode(Node node)
private static Node	_getOrCreateGroupNode(Node node, GroupIdentity groupIdentity)
private static Node	_getOrCreateGroupsNode(Node node)
private static Node	_getOrCreateUserNode(Node node, UserIdentity userIdentity)
private static Node	_getOrCreateUsersNode(Node node)
private static Set<String>	_getProperty(Node node, String propertyName)
private static Node	_getUserNode(Node node, UserIdentity user)
private static Node	_getUsersNode(Node node)
private static NodeIterator	_query(String jcrQuery)
private static void	_removeProperty(Node node, String propertyName, String profileToRemove)
private static void	_save(Node node)
private static void	_setProperty(Node node, String propertyName, Set<String> profiles)
static void	addAllowedGroups(Set<GroupIdentity> groups, Node node, String profileId)	Helper for ModifiableACLAmetysObject.addAllowedGroups(Set, String)
static void	addAllowedProfilesForAnonymous(Node node, Set<String> profileIds)	Helper for ModifiableACLAmetysObject.addAllowedProfilesForAnonymous(Set)
static void	addAllowedProfilesForAnyConnectedUser(Node node, Set<String> profileIds)	Helper for ModifiableACLAmetysObject.addAllowedProfilesForAnyConnectedUser(Set)
static void	addAllowedUsers(Set<UserIdentity> users, Node node, String profileId)	Helper for ModifiableACLAmetysObject.addAllowedUsers(Set, String)
static void	addDeniedGroups(Set<GroupIdentity> groups, Node node, String profileId)	Helper for ModifiableACLAmetysObject.addDeniedGroups(Set, String)
static void	addDeniedProfilesForAnonymous(Node node, Set<String> profileIds)	Helper for ModifiableACLAmetysObject.addDeniedProfilesForAnyConnectedUser(Set)
static void	addDeniedProfilesForAnyConnectedUser(Node node, Set<String> profileIds)	Helper for ModifiableACLAmetysObject.addDeniedProfilesForAnyConnectedUser(Set)
static void	addDeniedUsers(Set<UserIdentity> users, Node node, String profileId)	Helper for ModifiableACLAmetysObject.addDeniedUsers(Set, String)
static void	disallowInheritance(Node node, boolean disallow)	Helper for ModifiableACLAmetysObject.disallowInheritance(boolean)
static NodeIterator	getACLGroups(GroupIdentity group, String rootPath, Expression predicat)	Returns all ACL objects for a given group (ametys:acl-group nodes)
static NodeIterator	getACLGroups(Expression predicat)	Returns all ACL objects for groups (ametys:acl-group nodes)
static NodeIterator	getACLRoots(String rootPath, Expression predicat)	Returns all ACL root objects (ametys:acl nodes)
static NodeIterator	getACLUsers(UserIdentity user, String rootPath, Expression predicat)	Returns all ACL objects for a given user (ametys:acl-user nodes)
static NodeIterator	getACLUsers(Expression predicat)	Returns all ACL objects for users (ametys:acl-user nodes)
static Map<ProfileAssignmentStorage.AnonymousOrAnyConnectedKeys,Set<String>>	getProfilesForAnonymousAndAnyConnectedUser(Node node)	Helper for ACLAmetysObject.getProfilesForAnonymousAndAnyConnectedUser()
static Map<GroupIdentity,Map<ProfileAssignmentStorage.UserOrGroup,Set<String>>>	getProfilesForGroups(Node node, Set<GroupIdentity> groups)	Helper for ACLAmetysObject.getProfilesForGroups(java.util.Set<org.ametys.core.group.GroupIdentity>)
static Map<UserIdentity,Map<ProfileAssignmentStorage.UserOrGroup,Set<String>>>	getProfilesForUsers(Node node, UserIdentity user)	Helper for ACLAmetysObject.getProfilesForUsers(org.ametys.core.user.UserIdentity)
static Set<String>	hasAnonymousAnyAllowedProfile(Set<? extends Object> rootNodes, Set<String> profileIds)	Returns some profiles that are matching if any ACL Ametys object has one of the given profiles as allowed for anonymous
static Set<String>	hasAnyConnectedAnyAllowedProfile(Set<? extends Object> rootNodes, Set<String> profileIds)	Returns some profiles that are matching if any ACL Ametys object has one of the given profiles as allowed for any connected user
static Set<String>	hasGroupAnyAllowedProfile(Set<? extends Object> rootNodes, Set<GroupIdentity> groups, Set<String> profileIds)	Returns some profiles that are matching if any ACL Ametys object has one of the given profiles as allowed for the group
static Set<String>	hasUserAnyAllowedProfile(Set<? extends Object> rootNodes, UserIdentity user, Set<String> profileIds)	Returns some profiles that are matching if any ACL Ametys object has one of the given profiles as allowed for the user
static boolean	isInheritanceDisallowed(Node node)	Helper for ACLAmetysObject.isInheritanceDisallowed()
static void	removeAllowedGroups(Set<GroupIdentity> groups, Node node)	Helper for ModifiableACLAmetysObject.removeAllowedGroups(Set)
static void	removeAllowedGroups(Set<GroupIdentity> groups, Node node, String profileId)	Helper for ModifiableACLAmetysObject.removeAllowedGroups(Set, String)
static void	removeAllowedProfilesForAnonymous(Node node, Set<String> profileIds)	Helper for ModifiableACLAmetysObject.removeAllowedProfilesForAnonymous(Set)
static void	removeAllowedProfilesForAnyConnectedUser(Node node, Set<String> profileIds)	Helper for ModifiableACLAmetysObject.removeAllowedProfilesForAnyConnectedUser(Set)
static void	removeAllowedUsers(Set<UserIdentity> users, Node node)	Helper for ModifiableACLAmetysObject.removeAllowedGroups(Set)
static void	removeAllowedUsers(Set<UserIdentity> users, Node node, String profileId)	Helper for ModifiableACLAmetysObject.removeAllowedUsers(Set, String)
static void	removeDeniedGroups(Set<GroupIdentity> groups, Node node)	Helper for ModifiableACLAmetysObject.removeDeniedGroups(Set)
static void	removeDeniedGroups(Set<GroupIdentity> groups, Node node, String profileId)	Helper for ModifiableACLAmetysObject.removeDeniedGroups(Set, String)
static void	removeDeniedProfilesForAnonymous(Node node, Set<String> profileIds)	Helper for ModifiableACLAmetysObject.removeDeniedProfilesForAnyConnectedUser(Set)
static void	removeDeniedProfilesForAnyConnectedUser(Node node, Set<String> profileIds)	Helper for ModifiableACLAmetysObject.removeDeniedProfilesForAnyConnectedUser(Set)
static void	removeDeniedUsers(Set<UserIdentity> users, Node node)	Helper for ModifiableACLAmetysObject.removeDeniedUsers(Set)
static void	removeDeniedUsers(Set<UserIdentity> users, Node node, String profileId)	Helper for ModifiableACLAmetysObject.removeDeniedUsers(Set, String)
static void	removeGroup(GroupIdentity group)	Helper for ModifiableACLAmetysObjectProfileAssignmentStorage.removeGroup(GroupIdentity)
static void	removeProfile(String profileId)	Helper for ModifiableACLAmetysObjectProfileAssignmentStorage.removeProfile(String)
static void	removeUser(UserIdentity user)	Helper for ModifiableACLAmetysObjectProfileAssignmentStorage.removeUser(UserIdentity)
void	service(ServiceManager manager)
void	setLogger(org.slf4j.Logger logger)	Called at creation time to provide a Logger.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

_resolver

protected static AmetysObjectResolver _resolver

The AmetysObject resolver

_repository

protected static Repository _repository

The repository

__NODE_NAME_ROOT_ACL

private static final String __NODE_NAME_ROOT_ACL

See Also:

Constant Field Values

__NODETYPE_ROOT_ACL

private static final String __NODETYPE_ROOT_ACL

See Also:

Constant Field Values

__NODE_NAME_ACL_USERS

private static final String __NODE_NAME_ACL_USERS

See Also:

Constant Field Values

__NODE_NAME_ACL_GROUPS

private static final String __NODE_NAME_ACL_GROUPS

See Also:

Constant Field Values

__NODETYPE_ACL_USER

private static final String __NODETYPE_ACL_USER

See Also:

Constant Field Values

__NODETYPE_ACL_GROUP

private static final String __NODETYPE_ACL_GROUP

See Also:

Constant Field Values

__NODETYPE_UNSTRUCTURED

private static final String __NODETYPE_UNSTRUCTURED

See Also:

Constant Field Values

__PROPERTY_NAME_ALLOWED_ANY_CONNECTED_PROFILES

private static final String __PROPERTY_NAME_ALLOWED_ANY_CONNECTED_PROFILES

See Also:

Constant Field Values

__PROPERTY_NAME_DENIED_ANY_CONNECTED_PROFILES

private static final String __PROPERTY_NAME_DENIED_ANY_CONNECTED_PROFILES

See Also:

Constant Field Values

__PROPERTY_NAME_ALLOWED_ANONYMOUS_PROFILES

private static final String __PROPERTY_NAME_ALLOWED_ANONYMOUS_PROFILES

See Also:

Constant Field Values

__PROPERTY_NAME_DENIED_ANONYMOUS_PROFILES

private static final String __PROPERTY_NAME_DENIED_ANONYMOUS_PROFILES

See Also:

Constant Field Values

__PROPERTY_NAME_ALLOWED_PROFILES

private static final String __PROPERTY_NAME_ALLOWED_PROFILES

See Also:

Constant Field Values

__PROPERTY_NAME_DENIED_PROFILES

private static final String __PROPERTY_NAME_DENIED_PROFILES

See Also:

Constant Field Values

__PROPERTY_NAME_DISALLOW_INHERITANCE

private static final String __PROPERTY_NAME_DISALLOW_INHERITANCE

See Also:

Constant Field Values

__ANONYMOUS_OR_ANYCONNECTEDUSER_NORIGHT

private static final Map<ProfileAssignmentStorage.AnonymousOrAnyConnectedKeys,Set<String>> __ANONYMOUS_OR_ANYCONNECTEDUSER_NORIGHT

__USER_OR_GROUP_NORIGHT

private static final Map<ProfileAssignmentStorage.UserOrGroup,Set<String>> __USER_OR_GROUP_NORIGHT

_logger

private static org.slf4j.Logger _logger

Constructor Detail

ACLJCRAmetysObjectHelper

public ACLJCRAmetysObjectHelper()

Method Detail

service

public void service(ServiceManager manager)
             throws ServiceException

Specified by:

service in interface Serviceable

Throws:

ServiceException

setLogger

public void setLogger(org.slf4j.Logger logger)

Description copied from interface: LogEnabled

Called at creation time to provide a Logger.

Specified by:

setLogger in interface LogEnabled

Parameters:

logger - a Logger for messages.

_convertNodeToPath

private static Set<String> _convertNodeToPath(Set<? extends Object> rootNodes)

hasUserAnyAllowedProfile

public static Set<String> hasUserAnyAllowedProfile(Set<? extends Object> rootNodes,
                                                   UserIdentity user,
                                                   Set<String> profileIds)

Returns some profiles that are matching if any ACL Ametys object has one of the given profiles as allowed for the user

Parameters:

user - The user

profileIds - The ids of the profiles to check

rootNodes - The JCR root nodes where starts the query search (must be something like "//element(myNode, ametys:collection)"), it will be the beginning of the JCR query. Can be null to not restrict the search.

Returns:

If the Set is empty, it means the user has no matching profile.
If the Set is non empty, it contains at least one of the given profile BUT it may not contains all the matching profiles for the user AND it can contains some other profiles that were not in the given profiles

hasGroupAnyAllowedProfile

public static Set<String> hasGroupAnyAllowedProfile(Set<? extends Object> rootNodes,
                                                    Set<GroupIdentity> groups,
                                                    Set<String> profileIds)

Returns some profiles that are matching if any ACL Ametys object has one of the given profiles as allowed for the group

Parameters:

groups - The groups

profileIds - The ids of the profiles

rootNodes - The JCR root nodes where starts the query search (must be something like "//element(myNode, ametys:collection)"), it will be the beginning of the JCR query. Can be null to not restrict the search.

Returns:

If the Set is empty, it means the group has no matching profile.
If the Set is non empty, it contains at least one of the given profile BUT it may not contains all the matching profiles for the group AND it can contains some other profiles that were not in the given profiles

hasAnyConnectedAnyAllowedProfile

public static Set<String> hasAnyConnectedAnyAllowedProfile(Set<? extends Object> rootNodes,
                                                           Set<String> profileIds)

Returns some profiles that are matching if any ACL Ametys object has one of the given profiles as allowed for any connected user

Parameters:

profileIds - The ids of the profiles

rootNodes - The JCR root nodes where starts the query search (must be something like "//element(myNode, ametys:collection)"), it will be the beginning of the JCR query. Can be null to not restrict the search.

Returns:

If the Set is empty, it means any connected user has no matching profile.
If the Set is non empty, it contains at least one of the given profile BUT it may not contains all the matching profiles for anyconnected user AND it can contains some other profiles that were not in the given profiles

hasAnonymousAnyAllowedProfile

public static Set<String> hasAnonymousAnyAllowedProfile(Set<? extends Object> rootNodes,
                                                        Set<String> profileIds)

Returns some profiles that are matching if any ACL Ametys object has one of the given profiles as allowed for anonymous

Parameters:

profileIds - The ids of the profiles

rootNodes - The JCR root nodes where starts the query search (must be something like "//element(myNode, ametys:collection)"), it will be the beginning of the JCR query. Can be null to not restrict the search.

Returns:

If the Set is empty, it means anonymous has no matching profile.
If the Set is non empty, it contains at least one of the given profile BUT it may not contains all the matching profiles for anonymous AND it can contains some other profiles that were not in the given profiles

getACLRoots

public static NodeIterator getACLRoots(String rootPath,
                                       Expression predicat)

Returns all ACL root objects (ametys:acl nodes)

Parameters:

rootPath - The root path to restrict the search. Can be null.

predicat - The predicat expression. Can be null.

Returns:

The ACL root objects

getACLUsers

public static NodeIterator getACLUsers(UserIdentity user,
                                       String rootPath,
                                       Expression predicat)

Returns all ACL objects for a given user (ametys:acl-user nodes)

Parameters:

user - The user

rootPath - The root path to restrict the search. Can be null.

predicat - The predicat expression. Can be null.

Returns:

The ACL user objects for user

getACLUsers

public static NodeIterator getACLUsers(Expression predicat)

Returns all ACL objects for users (ametys:acl-user nodes)

Parameters:

predicat - The predicat expression. Can be null.

Returns:

The ACL user objects for users

getACLGroups

public static NodeIterator getACLGroups(Expression predicat)

Returns all ACL objects for groups (ametys:acl-group nodes)

Parameters:

predicat - The predicat expression. Can be null.

Returns:

The ACL group objects for groups

_getApprochingACLGroups

private static NodeIterator _getApprochingACLGroups(Set<GroupIdentity> groups,
                                                    String rootPath,
                                                    Expression predicat)

getACLGroups

public static NodeIterator getACLGroups(GroupIdentity group,
                                        String rootPath,
                                        Expression predicat)

Returns all ACL objects for a given group (ametys:acl-group nodes)

Parameters:

group - The group

rootPath - The root path to restrict the search. Can be null.

predicat - The predicat expression. Can be null.

Returns:

The ACL user objects for groups

_query

private static NodeIterator _query(String jcrQuery)

getProfilesForAnonymousAndAnyConnectedUser

public static Map<ProfileAssignmentStorage.AnonymousOrAnyConnectedKeys,Set<String>> getProfilesForAnonymousAndAnyConnectedUser(Node node)

Helper for ACLAmetysObject.getProfilesForAnonymousAndAnyConnectedUser()

Parameters:

node - The JCR node for the Ametys object

Returns:

a map containing allowed/denied profiles that anonymous and any connected user has on the given object

addAllowedProfilesForAnyConnectedUser

public static void addAllowedProfilesForAnyConnectedUser(Node node,
                                                         Set<String> profileIds)

Helper for ModifiableACLAmetysObject.addAllowedProfilesForAnyConnectedUser(Set)

Parameters:

node - The JCR node for the Ametys object

profileIds - The profiles to add

removeAllowedProfilesForAnyConnectedUser

public static void removeAllowedProfilesForAnyConnectedUser(Node node,
                                                            Set<String> profileIds)

Helper for ModifiableACLAmetysObject.removeAllowedProfilesForAnyConnectedUser(Set)

Parameters:

node - The JCR node for the Ametys object

profileIds - The profiles to remove

addDeniedProfilesForAnyConnectedUser

public static void addDeniedProfilesForAnyConnectedUser(Node node,
                                                        Set<String> profileIds)

Helper for ModifiableACLAmetysObject.addDeniedProfilesForAnyConnectedUser(Set)

Parameters:

node - The JCR node for the Ametys object

profileIds - The profiles to add

removeDeniedProfilesForAnyConnectedUser

public static void removeDeniedProfilesForAnyConnectedUser(Node node,
                                                           Set<String> profileIds)

Helper for ModifiableACLAmetysObject.removeDeniedProfilesForAnyConnectedUser(Set)

Parameters:

node - The JCR node for the Ametys object

profileIds - The profiles to remove

addAllowedProfilesForAnonymous

public static void addAllowedProfilesForAnonymous(Node node,
                                                  Set<String> profileIds)

Helper for ModifiableACLAmetysObject.addAllowedProfilesForAnonymous(Set)

Parameters:

node - The JCR node for the Ametys object

profileIds - The profiles to add

removeAllowedProfilesForAnonymous

public static void removeAllowedProfilesForAnonymous(Node node,
                                                     Set<String> profileIds)

Helper for ModifiableACLAmetysObject.removeAllowedProfilesForAnonymous(Set)

Parameters:

node - The JCR node for the Ametys object

profileIds - The profiles to remove

addDeniedProfilesForAnonymous

public static void addDeniedProfilesForAnonymous(Node node,
                                                 Set<String> profileIds)

Helper for ModifiableACLAmetysObject.addDeniedProfilesForAnyConnectedUser(Set)

Parameters:

node - The JCR node for the Ametys object

profileIds - The profiles to add

removeDeniedProfilesForAnonymous

public static void removeDeniedProfilesForAnonymous(Node node,
                                                    Set<String> profileIds)

Helper for ModifiableACLAmetysObject.removeDeniedProfilesForAnyConnectedUser(Set)

Parameters:

node - The JCR node for the Ametys object

profileIds - The profiles to remove

getProfilesForUsers

public static Map<UserIdentity,Map<ProfileAssignmentStorage.UserOrGroup,Set<String>>> getProfilesForUsers(Node node,
                                                                                                                      UserIdentity user)

Helper for ACLAmetysObject.getProfilesForUsers(org.ametys.core.user.UserIdentity)

Parameters:

node - The JCR node for the Ametys object

user - The user to get profiles for. Can be null to get profiles for all users that have rights

Returns:

The map of allowed users with their assigned allowed/denied profiles

addAllowedUsers

public static void addAllowedUsers(Set<UserIdentity> users,
                                   Node node,
                                   String profileId)

Helper for ModifiableACLAmetysObject.addAllowedUsers(Set, String)

Parameters:

users - The users to add

node - The JCR node for the Ametys object

profileId - The id of the profile

removeAllowedUsers

public static void removeAllowedUsers(Set<UserIdentity> users,
                                      Node node,
                                      String profileId)

Helper for ModifiableACLAmetysObject.removeAllowedUsers(Set, String)

Parameters:

users - The users to remove

node - The JCR node for the Ametys object

profileId - The id of the profile

removeAllowedUsers

public static void removeAllowedUsers(Set<UserIdentity> users,
                                      Node node)

Helper for ModifiableACLAmetysObject.removeAllowedGroups(Set)

Parameters:

users - The users to remove

node - The JCR node for the Ametys object

addDeniedUsers

public static void addDeniedUsers(Set<UserIdentity> users,
                                  Node node,
                                  String profileId)

Helper for ModifiableACLAmetysObject.addDeniedUsers(Set, String)

Parameters:

users - The users to add

node - The JCR node for the Ametys object

profileId - The id of the profile

removeDeniedUsers

public static void removeDeniedUsers(Set<UserIdentity> users,
                                     Node node,
                                     String profileId)

Helper for ModifiableACLAmetysObject.removeDeniedUsers(Set, String)

Parameters:

users - The users to remove

node - The JCR node for the Ametys object

profileId - The id of the profile

removeDeniedUsers

public static void removeDeniedUsers(Set<UserIdentity> users,
                                     Node node)

Helper for ModifiableACLAmetysObject.removeDeniedUsers(Set)

Parameters:

users - The users to remove

node - The JCR node for the Ametys object

getProfilesForGroups

public static Map<GroupIdentity,Map<ProfileAssignmentStorage.UserOrGroup,Set<String>>> getProfilesForGroups(Node node,
                                                                                                                        Set<GroupIdentity> groups)

Helper for ACLAmetysObject.getProfilesForGroups(java.util.Set<org.ametys.core.group.GroupIdentity>)

Parameters:

node - The JCR node for the Ametys object

groups - The group to get profiles for. Can be null to get profiles for all groups that have rights

Returns:

The map of allowed/denied groups with their assigned profiles

addAllowedGroups

public static void addAllowedGroups(Set<GroupIdentity> groups,
                                    Node node,
                                    String profileId)

Helper for ModifiableACLAmetysObject.addAllowedGroups(Set, String)

Parameters:

groups - The groups to add

node - The JCR node for the Ametys object

profileId - The id of the profile

removeAllowedGroups

public static void removeAllowedGroups(Set<GroupIdentity> groups,
                                       Node node,
                                       String profileId)

Helper for ModifiableACLAmetysObject.removeAllowedGroups(Set, String)

Parameters:

groups - The groups to remove

node - The JCR node for the Ametys object

profileId - The id of the profile

removeAllowedGroups

public static void removeAllowedGroups(Set<GroupIdentity> groups,
                                       Node node)

Helper for ModifiableACLAmetysObject.removeAllowedGroups(Set)

Parameters:

groups - The groups to remove

node - The JCR node for the Ametys object

addDeniedGroups

public static void addDeniedGroups(Set<GroupIdentity> groups,
                                   Node node,
                                   String profileId)

Helper for ModifiableACLAmetysObject.addDeniedGroups(Set, String)

Parameters:

groups - The groups to add

node - The JCR node for the Ametys object

profileId - The id of the profile

removeDeniedGroups

public static void removeDeniedGroups(Set<GroupIdentity> groups,
                                      Node node,
                                      String profileId)

Helper for ModifiableACLAmetysObject.removeDeniedGroups(Set, String)

Parameters:

groups - The groups to remove

node - The JCR node for the Ametys object

profileId - The id of the profile

removeDeniedGroups

public static void removeDeniedGroups(Set<GroupIdentity> groups,
                                      Node node)

Helper for ModifiableACLAmetysObject.removeDeniedGroups(Set)

Parameters:

groups - The groups to remove

node - The JCR node for the Ametys object

removeProfile

public static void removeProfile(String profileId)

Helper for ModifiableACLAmetysObjectProfileAssignmentStorage.removeProfile(String)

Parameters:

profileId - The id of the profile

removeUser

public static void removeUser(UserIdentity user)

Helper for ModifiableACLAmetysObjectProfileAssignmentStorage.removeUser(UserIdentity)

Parameters:

user - The user

removeGroup

public static void removeGroup(GroupIdentity group)

Helper for ModifiableACLAmetysObjectProfileAssignmentStorage.removeGroup(GroupIdentity)

Parameters:

group - The group

isInheritanceDisallowed

public static boolean isInheritanceDisallowed(Node node)

Helper for ACLAmetysObject.isInheritanceDisallowed()

Parameters:

node - The JCR node for the Ametys object

Returns:

true if the inheritance is disallow of the given node

disallowInheritance

public static void disallowInheritance(Node node,
                                       boolean disallow)

Helper for ModifiableACLAmetysObject.disallowInheritance(boolean)

Parameters:

node - The JCR node for the Ametys object

disallow - true to disallow the inheritance, false otherwise

_checkLock

private static void _checkLock(Node node)
                        throws AmetysRepositoryException

Throws:

AmetysRepositoryException

_getOrCreateACLNode

private static Node _getOrCreateACLNode(Node node)

_getACLNode

private static Node _getACLNode(Node node)

_getOrCreateUsersNode

private static Node _getOrCreateUsersNode(Node node)

_getUserNode

private static Node _getUserNode(Node node,
                                 UserIdentity user)

_getUsersNode

private static Node _getUsersNode(Node node)

_getOrCreateGroupsNode

private static Node _getOrCreateGroupsNode(Node node)

_getGroupsNode

private static Node _getGroupsNode(Node node)

_getOrCreateUserNode

private static Node _getOrCreateUserNode(Node node,
                                         UserIdentity userIdentity)

_getOrCreateGroupNode

private static Node _getOrCreateGroupNode(Node node,
                                          GroupIdentity groupIdentity)

_getProperty

private static Set<String> _getProperty(Node node,
                                        String propertyName)

_setProperty

private static void _setProperty(Node node,
                                 String propertyName,
                                 Set<String> profiles)

_addProperty

private static void _addProperty(Node node,
                                 String propertyName,
                                 String profileToAdd)

_removeProperty

private static void _removeProperty(Node node,
                                    String propertyName,
                                    String profileToRemove)

_save

private static void _save(Node node)