34 package info.magnolia.cms.security;
35
36 import java.security.Principal;
37 import java.util.ArrayList;
38 import java.util.Collection;
39 import java.util.HashSet;
40 import java.util.List;
41 import javax.security.auth.Subject;
42
43 import info.magnolia.cms.security.auth.ACL;
44 import info.magnolia.cms.security.auth.PrincipalCollectionImpl;
/**
 * Static entry point to the security managers and to the two built-in
 * identities (system and anonymous).
 *
 * <p>Every accessor delegates to the {@link SecuritySupport} instance returned by
 * {@code SecuritySupport.Factory.getInstance()}; this class holds no state of its own.
 *
 * <p>Security note: all accessors are {@code public static} and this class performs
 * no caller check. In particular {@link #getSystemSubject()} hands out a
 * {@link Subject} carrying the system user's ACLs to any code able to call it.
 * Whether the surrounding platform restricts such callers is not visible from here.
 */
public class Security {

    /**
     * Returns the role manager of the active {@link SecuritySupport}.
     *
     * @return the role manager obtained from {@link #getSecuritySupport()}
     */
    public static RoleManager getRoleManager() {
        final SecuritySupport support = getSecuritySupport();
        return support.getRoleManager();
    }

    /**
     * Returns the default user manager of the active {@link SecuritySupport}.
     *
     * @return the user manager obtained from {@link #getSecuritySupport()}
     */
    public static UserManager getUserManager() {
        final SecuritySupport support = getSecuritySupport();
        return support.getUserManager();
    }

    /**
     * Returns the group manager of the active {@link SecuritySupport}.
     *
     * @return the group manager obtained from {@link #getSecuritySupport()}
     */
    public static GroupManager getGroupManager() {
        final SecuritySupport support = getSecuritySupport();
        return support.getGroupManager();
    }

    /**
     * Returns the {@link SecuritySupport} instance supplied by its factory.
     *
     * @return the result of {@code SecuritySupport.Factory.getInstance()}
     */
    public static SecuritySupport getSecuritySupport() {
        return SecuritySupport.Factory.getInstance();
    }

    /**
     * Looks up the anonymous user in the user manager of the system realm.
     *
     * @return the anonymous user as reported by the system-realm user manager
     */
    public static User getAnonymousUser() {
        final SecuritySupport support = getSecuritySupport();
        return support.getUserManager(Realm.REALM_SYSTEM.getName()).getAnonymousUser();
    }

    /**
     * Looks up the system user in the user manager of the system realm.
     *
     * @return the system user as reported by the system-realm user manager
     */
    public static User getSystemUser() {
        final SecuritySupport support = getSecuritySupport();
        return support.getUserManager(Realm.REALM_SYSTEM.getName()).getSystemUser();
    }

    /**
     * Builds a fresh {@link Subject} for the system user, populated with the ACLs
     * of all of that user's roles.
     *
     * <p>Security note: the returned subject carries whatever permissions the system
     * user's roles grant, and no caller check is made here. Treat every call site as
     * privileged code and keep the returned object out of reach of untrusted
     * components.
     *
     * @return a new subject holding the system user and its merged ACLs
     */
    public static Subject getSystemSubject() {
        final User systemUser = getSystemUser();
        return createSubjectAndPopulate(systemUser);
    }

    /**
     * Builds a fresh {@link Subject} for the anonymous user, populated with the ACLs
     * of all of that user's roles.
     *
     * @return a new subject holding the anonymous user and its merged ACLs
     */
    public static Subject getAnonymousSubject() {
        final User anonymousUser = getAnonymousUser();
        return createSubjectAndPopulate(anonymousUser);
    }

    /**
     * Creates a {@link Subject} whose principals are the given user plus one
     * principal collection holding the merged ACLs of every role returned by
     * {@code user.getAllRoles()}.
     *
     * <p>No null checks are performed: a {@code null} user, or a role for which
     * {@code getACLs} returns {@code null}, surfaces as a
     * {@link NullPointerException}.
     *
     * @param user the user to wrap
     * @return a new subject containing {@code user} and its ACL collection
     */
    private static Subject createSubjectAndPopulate(User user) {
        final RoleManager roles = getRoleManager();

        // Gather the ACLs of every role first; ACLs sharing a name are merged afterwards.
        final List<Principal> gathered = new ArrayList<Principal>();
        for (String roleName : user.getAllRoles()) {
            gathered.addAll(roles.getACLs(roleName).values());
        }

        final PrincipalCollectionImpl mergedAcls = new PrincipalCollectionImpl();
        mergePrincipals(mergedAcls, gathered);

        final Subject result = new Subject();
        result.getPrincipals().add(user);
        result.getPrincipals().add(mergedAcls);
        return result;
    }

    /**
     * Adds every ACL in {@code acls} to {@code principalCollection}, combining ACLs
     * that share a name into one ACL holding the union of their permissions.
     *
     * <p>The merge is purely additive: a permission granted by any role ends up in
     * the result, and nothing here lets one role narrow what another grants.
     * De-duplication goes through a {@link HashSet}, so it depends on how
     * {@code Permission} implements {@code equals}/{@code hashCode} (not visible
     * here), and the order of a merged permission list is whatever the set yields.
     *
     * @param principalCollection the collection that receives the merged ACLs
     * @param acls the ACLs to merge; every element must be an {@link ACL}, otherwise
     *     the cast below throws {@link ClassCastException}
     */
    private static void mergePrincipals(PrincipalCollectionImpl principalCollection, List<Principal> acls) {
        for (Principal candidate : acls) {
            final ACL incoming = (ACL) candidate;
            final String aclName = incoming.getName();

            if (!principalCollection.contains(aclName)) {
                // First ACL seen under this name: store it unchanged.
                principalCollection.add(incoming);
                continue;
            }

            // Same name already present: replace it with an ACL holding both permission sets.
            final ACL existing = (ACL) principalCollection.get(aclName);
            final Collection<Permission> union = new HashSet<Permission>(existing.getList());
            union.addAll(incoming.getList());
            principalCollection.remove(existing);
            principalCollection.add(new ACLImpl(aclName, new ArrayList<Permission>(union)));
        }
    }
}