protected JsonObject internalGetAcl()

in src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/AbstractGetAclServlet.java [72:121]


    protected JsonObject internalGetAcl(Session jcrSession, String resourcePath) throws RepositoryException {
        validateArgs(jcrSession, resourcePath);

        //make a temp map for quick lookup below
        Set<RestrictionDefinition> supportedRestrictions = getRestrictionProvider().getSupportedRestrictions(resourcePath);
        Map<String, RestrictionDefinition> srMap = new HashMap<>();
        for (RestrictionDefinition restrictionDefinition : supportedRestrictions) {
            srMap.put(restrictionDefinition.getName(), restrictionDefinition);
        }

        Map<Principal, Map<DeclarationType, Set<String>>> principalToDeclaredAtPaths = new HashMap<>();
        Map<String, List<AccessControlEntry>> effectivePathToEntriesMap = getAccessControlEntriesMap(jcrSession, resourcePath, principalToDeclaredAtPaths);
        Map<Principal, Integer> principalToOrderMap = new HashMap<>();
        Map<Principal, Map<Privilege, LocalPrivilege>> principalToPrivilegesMap = new HashMap<>();
        for (Entry<String, List<AccessControlEntry>> entry : effectivePathToEntriesMap.entrySet()) {
            List<AccessControlEntry> accessControlEntries = entry.getValue();
            for (AccessControlEntry accessControlEntry : accessControlEntries) {
                if (accessControlEntry instanceof JackrabbitAccessControlEntry) {
                    JackrabbitAccessControlEntry jrAccessControlEntry = (JackrabbitAccessControlEntry)accessControlEntry;
                    Privilege[] privileges = jrAccessControlEntry.getPrivileges();
                    if (privileges != null) {
                        Principal principal = accessControlEntry.getPrincipal();
                        if (!principalToPrivilegesMap.containsKey(principal)) {
                            principalToOrderMap.put(principal, principalToPrivilegesMap.size());
                        }
                        Map<Privilege, LocalPrivilege> map = principalToPrivilegesMap.computeIfAbsent(principal, k -> new HashMap<>());

                        processACE(srMap, jrAccessControlEntry, privileges, map);
                    }
                }
            }
        }

        // combine any aggregates that are still valid
        AccessControlManager acm = AccessControlUtil.getAccessControlManager(jcrSession);
        Map<Privilege, Integer> privilegeLongestDepthMap = PrivilegesHelper.buildPrivilegeLongestDepthMap(acm.privilegeFromName(PrivilegeConstants.JCR_ALL));
        for (Entry<Principal, Map<Privilege, LocalPrivilege>> entry : principalToPrivilegesMap.entrySet()) {
            Map<Privilege, LocalPrivilege> privilegeToLocalPrivilegesMap = entry.getValue();

            PrivilegesHelper.consolidateAggregates(jcrSession, resourcePath, privilegeToLocalPrivilegesMap, privilegeLongestDepthMap);
        }

        // sort the entries by the order value for readability
        List<Entry<Principal, Map<Privilege, LocalPrivilege>>> entrySetList = new ArrayList<>(principalToPrivilegesMap.entrySet());
        Collections.sort(entrySetList, (e1, e2) -> principalToOrderMap.get(e1.getKey()).compareTo(principalToOrderMap.get(e2.getKey())));

        // convert the data to JSON
        JsonObjectBuilder jsonObj = convertToJson(entrySetList, principalToDeclaredAtPaths);
        return jsonObj.build();
    }