Class ACLMigrationTool


  • @ApplicationScoped
    public class ACLMigrationTool
    extends Object
    In versions before the 7 release, the only way to grant access to resources like OrganizationalUnit, Repository and Module was to indicate which groups were able to access a given instance. Those groups were stored as part of the instance's persistent state.

    As of version 7, the authorization policy is based on permissions. That means it is no longer required to keep a list of groups per resource instance. What is required is to define the proper permission entries in the active AuthorizationPolicy.

    This is a utility class which takes care of reading the groups declared for any of the above resource types and creating the necessary permissions so that those resources are protected from user access.

    The migration procedure is carried out when an AuthorizationPolicyDeployedEvent is received, which means the application is starting up and deploying the authorization policy for the first time.

    • Constructor Detail

      • ACLMigrationTool

        @Inject
        public ACLMigrationTool(org.guvnor.structure.organizationalunit.OrganizationalUnitService organizationalUnitService,
                                org.guvnor.structure.repositories.RepositoryService repositoryService,
                                org.uberfire.security.authz.PermissionManager permissionManager,
                                org.uberfire.backend.authz.AuthorizationPolicyStorage authorizationPolicyStorage)
    • Method Detail

      • onDeploy

        public void onDeploy(@Observes
                             org.uberfire.backend.events.AuthorizationPolicyDeployedEvent event)
      • isACLMigrationToolEnabled

        protected boolean isACLMigrationToolEnabled()
      • migrateOrgUnits

        public void migrateOrgUnits(org.uberfire.security.authz.AuthorizationPolicy policy)
      • migrateRepositories

        public void migrateRepositories(org.uberfire.security.authz.AuthorizationPolicy policy)
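
The group-to-permission migration described in the class overview, as an added sketch that is not the project's own code. LegacyResource, Policy and the "<type>.read.<id>" permission name are hypothetical stand-ins, not the guvnor/uberfire types; the sketch shows per-instance group lists becoming policy entries, a re-run adding nothing, and resources with no groups being reported rather than silently granted or denied.

```java
import java.util.*;

// Added illustration: a simplified, self-contained model (Java 16+), not the uberfire API.
public class AclMigrationSketch {

    // Hypothetical stand-in for a pre-7 resource that stores its own group list.
    record LegacyResource(String type, String id, List<String> groups) {}

    // Hypothetical stand-in for the active policy: group name -> granted permissions.
    static final class Policy {
        final Map<String, Set<String>> grants = new TreeMap<>();

        // Returns false when the entry already exists, so a repeated run is a no-op.
        boolean grant(String group, String permission) {
            return grants.computeIfAbsent(group, g -> new TreeSet<>()).add(permission);
        }
    }

    // Assumed naming scheme for this sketch only.
    static String readPermission(LegacyResource r) {
        return r.type() + ".read." + r.id();
    }

    // Creates one permission entry per (group, resource) pair. Resources without
    // groups are returned for manual review, because this sketch makes no
    // assumption about what an empty list meant in the old model.
    static List<LegacyResource> migrate(Collection<LegacyResource> resources, Policy policy) {
        List<LegacyResource> ungrouped = new ArrayList<>();
        for (LegacyResource r : resources) {
            if (r.groups() == null || r.groups().isEmpty()) {
                ungrouped.add(r);
                continue;
            }
            for (String group : r.groups()) {
                policy.grant(group.trim(), readPermission(r));
            }
        }
        return ungrouped;
    }

    public static void main(String[] args) {
        // Constructed sample data.
        List<LegacyResource> legacy = List.of(
            new LegacyResource("orgunit", "finance", List.of("analyst", "manager")),
            new LegacyResource("repository", "loans", List.of("analyst")),
            new LegacyResource("repository", "scratch", List.of()));
        Policy policy = new Policy();
        List<LegacyResource> review = migrate(legacy, policy);
        migrate(legacy, policy); // second run leaves the policy unchanged
        policy.grants.forEach((group, perms) -> System.out.println(group + " -> " + perms));
        review.forEach(r -> System.out.println("no groups, review: " + readPermission(r)));
    }
}
```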