1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package info.magnolia.module.delta;
35
36 import info.magnolia.cms.security.Role;
37 import info.magnolia.cms.security.RoleManager;
38 import info.magnolia.cms.security.SecuritySupport;
39 import info.magnolia.module.InstallContext;
40
41 import javax.jcr.RepositoryException;
42
43
44
45
46
47
48
49
50 public class RemovePermissionTask extends AbstractRepositoryTask {
51
52 private final String roleName;
53 private final String workspaceName;
54 private final String pathToRemove;
55 private final long permission;
56
57 public RemovePermissionTask(String taskName, String taskDescription, String roleName, String workspaceName, String pathToRemove, long permission) {
58 super(taskName, taskDescription);
59 this.roleName = roleName;
60 this.workspaceName = workspaceName;
61 this.pathToRemove = pathToRemove;
62 this.permission = permission;
63 }
64
65 @Override
66 protected void doExecute(InstallContext ctx) throws RepositoryException, TaskExecutionException {
67 try {
68 final SecuritySupport securitySupport = SecuritySupport.Factory.getInstance();
69 final RoleManager roleManager = securitySupport.getRoleManager();
70 final Role role = roleManager.getRole(roleName);
71
72 if (role != null) {
73 role.removePermission(workspaceName, pathToRemove, permission);
74 role.removePermission(workspaceName, pathToRemove + "/*", permission);
75 } else {
76 ctx.warn("Role \"" + roleName + "\" not found, can't remove its ACL permission.");
77 }
78 } catch (UnsupportedOperationException e1) {
79 ctx.warn("Can't update role \"" + roleName + "\" due to an unsupported operation exception. This is most likely the case if the roles are managed externally.");
80 }
81 }
82 }