in plugin-acl/plugin/src/main/groovy/grails/plugin/springsecurity/acl/jdbc/GormAclLookupStrategy.groovy [245:290]
/**
 * Converts one persisted ACL object identity and its entries into a Spring Security
 * {@code AclImpl}, registering it in {@code acls} under the identity's id.
 *
 * If {@code acls} already holds an ACL for that id it is reused and only the
 * entries are merged in; otherwise a new {@code AclImpl} is built and stored.
 *
 * @param acls map of ACLs keyed by object-identity id; updated in place
 * @param aclObjectIdentity source of the id, class name, object id, parent, owner
 *        and inheritance flag for the ACL
 * @param entries entries to turn into ACEs; they are appended in iteration order,
 *        so the order of this list is the order of the resulting ACE list
 */
protected void createAcl(Map<Serializable, Acl> acls, AclObjectIdentity aclObjectIdentity,
        List<AclEntry> entries) {
    Serializable aclId = aclObjectIdentity.id

    // Reuse an ACL that was already built for this id; only build one when the map has none.
    AclImpl target = acls[aclId]
    if (!target) {
        // The domain class is resolved from the stored class name via lookupClass.
        ObjectIdentity identity = new ObjectIdentityImpl(
                lookupClass(aclObjectIdentity.aclClass.className),
                aclObjectIdentity.objectId)

        // Only the parent's id is recorded here, wrapped in a stub; stays null when there is no parent.
        // NOTE(review): presumably the stub is swapped for the real parent ACL by the caller - confirm.
        Acl parentStub
        if (aclObjectIdentity.parent) {
            parentStub = new StubAclParent(aclObjectIdentity.parent.id)
        }

        // The owner's principal flag decides between a user SID and an authority SID.
        AclSid ownerRow = aclObjectIdentity.owner
        Sid aclOwner
        if (ownerRow.principal) {
            aclOwner = new PrincipalSid(ownerRow.sid)
        }
        else {
            aclOwner = new GrantedAuthoritySid(ownerRow.sid)
        }

        target = new AclImpl(identity, aclId, aclAuthorizationStrategy, permissionGrantingStrategy,
                parentStub, null /*List<Sid> loadedSids*/, aclObjectIdentity.entriesInheriting, aclOwner)
        acls[aclId] = target
    }

    // Direct field access (.@) reads AclImpl's internal ACE list, so the appends below
    // change the ACL in place rather than going through its public methods.
    // NOTE(review): any checks performed by AclImpl's own mutators are therefore not
    // exercised on this load path - confirm that is intended.
    List currentAces = target.@aces

    for (AclEntry row in entries) {
        // An ACL with no ACEs is permissible; an entry without a usable SID name
        // (null sid, or null/empty sid string) contributes nothing and is skipped silently.
        String sidName = row.sid?.sid
        if (!sidName) {
            continue
        }

        Sid recipient
        if (row.sid.principal) {
            recipient = new PrincipalSid(sidName)
        }
        else {
            recipient = new GrantedAuthoritySid(sidName)
        }

        Permission grantedPermission = permissionFactory.buildFromMask(row.mask)
        AccessControlEntryImpl candidate = new AccessControlEntryImpl(row.id, target, recipient,
                grantedPermission, row.granting, row.auditSuccess, row.auditFailure)

        // Append only when the list does not already contain it; duplicate detection
        // relies on List.contains, i.e. on the ACE's equals().
        if (!currentAces.contains(candidate)) {
            currentAces << candidate
        }
    }
}