1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package info.magnolia.module.delta;
35
36 import info.magnolia.cms.security.Role;
37 import info.magnolia.cms.security.RoleManager;
38 import info.magnolia.cms.security.SecuritySupport;
39 import info.magnolia.module.InstallContext;
40
41 import javax.jcr.RepositoryException;
42
43
44
45
46
47 public class RemovePermissionTask extends AbstractRepositoryTask {
48
49 private final String roleName;
50 private final String workspaceName;
51 private final String pathToRemove;
52 private final long permission;
53
54 public RemovePermissionTask(String taskName, String taskDescription, String roleName, String workspaceName, String pathToRemove, long permission) {
55 super(taskName, taskDescription);
56 this.roleName = roleName;
57 this.workspaceName = workspaceName;
58 this.pathToRemove = pathToRemove;
59 this.permission = permission;
60 }
61
62 @Override
63 protected void doExecute(InstallContext ctx) throws RepositoryException, TaskExecutionException {
64 try {
65 final SecuritySupport securitySupport = SecuritySupport.Factory.getInstance();
66 final RoleManager roleManager = securitySupport.getRoleManager();
67 final Role role = roleManager.getRole(roleName);
68
69 if (role != null) {
70 role.removePermission(workspaceName, pathToRemove, permission);
71 role.removePermission(workspaceName, pathToRemove + "/*", permission);
72 } else {
73 ctx.warn("Role \"" + roleName + "\" not found, can't remove its ACL permission.");
74 }
75 } catch (UnsupportedOperationException e1) {
76 ctx.warn("Can't update role \"" + roleName + "\" due to an unsupported operation exception. This is most likely the case if the roles are managed externally.");
77 }
78 }
79 }