VRE ACl can be changed using setAcl method
This commit is contained in:
parent
8a84c93c18
commit
ddbac93245
|
@ -159,8 +159,28 @@ public class ACLManager {
|
||||||
SharedFolder folder = ((SharedFolder)item);
|
SharedFolder folder = ((SharedFolder)item);
|
||||||
|
|
||||||
if (folder.isVreFolder()) {
|
if (folder.isVreFolder()) {
|
||||||
throw new InvalidCallParameters("acls in vreFolder cannot be changed with this method");
|
if (accessType==AccessType.ADMINISTRATOR) throw new InvalidCallParameters("A group of a VRE cannot be set as ADMINISTRATOR");
|
||||||
|
|
||||||
|
if (!user.equals(folder.getTitle())) throw new InvalidCallParameters("the groupId in the argument is different to the one of the VREFolder");
|
||||||
|
|
||||||
|
AccessControlManager acm = ses.getAccessControlManager();
|
||||||
|
JackrabbitAccessControlList acls = AccessControlUtils.getAccessControlList(acm, folder.getPath());
|
||||||
|
Privilege[] userPrivileges = new Privilege[] { acm.privilegeFromName(accessType.getValue()) };
|
||||||
|
|
||||||
|
AccessControlEntry aceToDelete = null;;
|
||||||
|
Principal principal = AccessControlUtils.getPrincipal(ses, user);
|
||||||
|
for (AccessControlEntry ace : acls.getAccessControlEntries())
|
||||||
|
if (ace.getPrincipal().equals(principal)) {
|
||||||
|
aceToDelete = ace;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (aceToDelete!= null)
|
||||||
|
acls.removeAccessControlEntry(aceToDelete);
|
||||||
|
acls.addAccessControlEntry(principal, userPrivileges);
|
||||||
|
acm.setPolicy(folder.getPath(), acls);
|
||||||
|
ses.save();
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
NodeIterator sharedSet = node.getSharedSet();
|
NodeIterator sharedSet = node.getSharedSet();
|
||||||
|
@ -237,7 +257,7 @@ public class ACLManager {
|
||||||
throw new InvalidItemException("the item is not a shared folder");
|
throw new InvalidItemException("the item is not a shared folder");
|
||||||
|
|
||||||
if (item instanceof VreFolder)
|
if (item instanceof VreFolder)
|
||||||
throw new InvalidCallParameters("acls in vreFolder cannot be changed with this method");
|
throw new InvalidCallParameters("acls in vreFolder cannot be removed with this method");
|
||||||
|
|
||||||
authChecker.checkAdministratorControl(ses, (SharedFolder) item);
|
authChecker.checkAdministratorControl(ses, (SharedFolder) item);
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue