1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package info.magnolia.module.delta;
35
36 import info.magnolia.cms.security.Role;
37 import info.magnolia.cms.security.RoleManager;
38 import info.magnolia.cms.security.SecuritySupport;
39 import info.magnolia.module.InstallContext;
40
41
42
43
44 public class AddPermissionTask extends AbstractTask {
45
46 private final String roleName;
47 private final String workspaceName;
48 private final String path;
49 private final long permission;
50 private final boolean includingSubNodes;
51
52 public AddPermissionTask(String taskName, String roleName, String workspaceName, String path, long permission, boolean includingSubNodes) {
53 this(taskName, String.format("Adds permission '%s" + (includingSubNodes ? "*" : "") + "=%d' for workspace '%s'.", path, permission, workspaceName),
54 roleName, workspaceName, path, permission, includingSubNodes);
55 }
56
57 public AddPermissionTask(String taskName, String taskDescription, String roleName, String workspaceName, String path, long permission,
58 boolean includingSubNodes) {
59 super(taskName, taskDescription);
60 this.roleName = roleName;
61 this.workspaceName = workspaceName;
62 this.path = path;
63 this.permission = permission;
64 this.includingSubNodes = includingSubNodes;
65 }
66
67 @Override
68 public void execute(InstallContext ctx) throws TaskExecutionException {
69 SecuritySupport securitySupport = SecuritySupport.Factory.getInstance();
70 RoleManager roleManager = securitySupport.getRoleManager();
71 Role role = roleManager.getRole(roleName);
72 if (role == null) {
73 ctx.warn("Role \"" + roleName + "\" not found, can't add permissions to " + path + ".");
74 } else {
75 try {
76 roleManager.addPermission(role, workspaceName, path, permission);
77 if (includingSubNodes) {
78 String pathIncludingSubNodes = "";
79 if ("/".equals(path)) {
80 pathIncludingSubNodes = "/*";
81 } else {
82 pathIncludingSubNodes = path + "/*";
83 }
84 roleManager.addPermission(role, workspaceName, pathIncludingSubNodes, permission);
85 }
86 } catch (UnsupportedOperationException e) {
87 ctx.warn("Can't update role \"" + roleName
88 + "\" due to an unsupported operation exception. This is most likely the case if the roles are managed externally.");
89 }
90 }
91 }
92 }