如何删除 Spring 安全 acl 中某些 Sid 的 AccessControlEntry (acl_entry)?
How to remove AccessControlEntry (acl_entry) for certain Sid in Spring security acl?
如何使用 mutableAclService 删除 spring 安全 acl 中的用户访问权限。
这个代码可以吗
private void deleteEntry(Long id){
ObjectIdentity objectIdentity = new ObjectIdentityImpl(OrganizationStructure.class, id);
Sid user = new PrincipalSid("admin");
Permission p1 = BasePermission.READ;
try {
MutableAcl acl = (MutableAcl) mutableAclService.readAclById(objectIdentity);
acl.getEntries().forEach(c->{
System.out.println(c.toString());
if(c.getSid().equals(user))
acl.getEntries().remove(c);
});
mutableAclService.updateAcl(acl);
} catch (NotFoundException nfe) {
}
}
尝试后我发现如何删除条目
private void deleteEntry(Long id) {
ObjectIdentity objectIdentity = new ObjectIdentityImpl(OrganizationStructure.class, id);
Sid user = new PrincipalSid(SecurityUtility.getAuthenticatedUser().getUsername());
try {
MutableAcl acl = (MutableAcl) mutableAclService.readAclById(objectIdentity);
Consumer<AccessControlEntry> style = (AccessControlEntry p) -> System.out.println("id:"+p.getSid());
acl.getEntries().forEach(style);
for (int i = 0; i < acl.getEntries().size(); i++) {
if (acl.getEntries().get(i).getSid().toString().equals(user.toString())) {
acl.deleteAce(i);
break;
}
}
acl.getEntries().forEach(style);
mutableAclService.updateAcl(acl);
} catch (NotFoundException nfe) {
}
}
如果列表中同一个 SID 有多个访问控制条目,上述代码将失败。如果其中没有条目,您也可能想要完全删除 ACL。这是一个稍微改进的版本:
ObjectIdentity oi = new ObjectIdentityImpl(objectClass, objectId);
try {
MutableAcl acl = (MutableAcl) aclService.readAclById(oi);
List<AccessControlEntry> aclEntries = acl.getEntries();
for (int i = aclEntries.size() - 1; i >= 0; i--) {
AccessControlEntry ace = aclEntries.get(i);
if (ace.getSid().equals(sid)) {
acl.deleteAce(i);
}
}
if (acl.getEntries().isEmpty()) {
aclService.deleteAcl(oi, true);
}
aclService.updateAcl(acl);
} catch (NotFoundException ignore) {
}
如何使用 mutableAclService 删除 spring 安全 acl 中的用户访问权限。 这个代码可以吗
private void deleteEntry(Long id){
ObjectIdentity objectIdentity = new ObjectIdentityImpl(OrganizationStructure.class, id);
Sid user = new PrincipalSid("admin");
Permission p1 = BasePermission.READ;
try {
MutableAcl acl = (MutableAcl) mutableAclService.readAclById(objectIdentity);
acl.getEntries().forEach(c->{
System.out.println(c.toString());
if(c.getSid().equals(user))
acl.getEntries().remove(c);
});
mutableAclService.updateAcl(acl);
} catch (NotFoundException nfe) {
}
}
尝试后我发现如何删除条目
private void deleteEntry(Long id) {
ObjectIdentity objectIdentity = new ObjectIdentityImpl(OrganizationStructure.class, id);
Sid user = new PrincipalSid(SecurityUtility.getAuthenticatedUser().getUsername());
try {
MutableAcl acl = (MutableAcl) mutableAclService.readAclById(objectIdentity);
Consumer<AccessControlEntry> style = (AccessControlEntry p) -> System.out.println("id:"+p.getSid());
acl.getEntries().forEach(style);
for (int i = 0; i < acl.getEntries().size(); i++) {
if (acl.getEntries().get(i).getSid().toString().equals(user.toString())) {
acl.deleteAce(i);
break;
}
}
acl.getEntries().forEach(style);
mutableAclService.updateAcl(acl);
} catch (NotFoundException nfe) {
}
}
如果列表中同一个 SID 有多个访问控制条目,上述代码将失败。如果其中没有条目,您也可能想要完全删除 ACL。这是一个稍微改进的版本:
ObjectIdentity oi = new ObjectIdentityImpl(objectClass, objectId);
try {
MutableAcl acl = (MutableAcl) aclService.readAclById(oi);
List<AccessControlEntry> aclEntries = acl.getEntries();
for (int i = aclEntries.size() - 1; i >= 0; i--) {
AccessControlEntry ace = aclEntries.get(i);
if (ace.getSid().equals(sid)) {
acl.deleteAce(i);
}
}
if (acl.getEntries().isEmpty()) {
aclService.deleteAcl(oi, true);
}
aclService.updateAcl(acl);
} catch (NotFoundException ignore) {
}