Improve ACL implementation

Take advantage of eager fetching and second-level cache for ACLs Avoid querying the database in AclDao, models are already eagerly fetched, so querying is pointless. Remove ACL cache, ACLs are already stored in the second-level cache. Use Spring-supplied ACL implementation
PavlidisLab · Sep 28, 2023 · e416e6f · e416e6f
1 parent d68d33a
commit e416e6f
Show file tree

Hide file tree

Showing 11 changed files with 422 additions and 825 deletions.
diff --git a/gsec/src/main/java/gemma/gsec/acl/domain/AclDao.java b/gsec/src/main/java/gemma/gsec/acl/domain/AclDao.java
@@ -15,12 +15,10 @@
 package gemma.gsec.acl.domain;
 
 import org.springframework.security.acls.jdbc.LookupStrategy;
-import org.springframework.security.acls.model.MutableAcl;
-import org.springframework.security.acls.model.ObjectIdentity;
-import org.springframework.security.acls.model.Sid;
+import org.springframework.security.acls.model.Acl;
 
+import javax.annotation.CheckReturnValue;
 import javax.annotation.Nullable;
-import java.io.Serializable;
 import java.util.List;
 
 /**
@@ -29,22 +27,32 @@
  */
 public interface AclDao extends LookupStrategy {
 
-    AclObjectIdentity createObjectIdentity( String type, Serializable identifier, Sid sid, boolean entriesInheriting );
+    /**
+     * Find an ACL object identity confirming to the given object identity.
+     */
+    @Nullable
+    AclObjectIdentity findObjectIdentity( AclObjectIdentity objectIdentity );
 
-    void delete( ObjectIdentity objectIdentity, boolean deleteChildren );
+    List<AclObjectIdentity> findChildren( AclObjectIdentity parentIdentity );
 
-    void delete( Sid sid );
+    /**
+     * Create a new object identity.
+     */
+    @CheckReturnValue
+    AclObjectIdentity createObjectIdentity( AclObjectIdentity oid );
 
-    @Nullable
-    AclObjectIdentity find( ObjectIdentity oid );
+    /**
+     * Update a given object identity so that it conforms to a given ACL object.
+     */
+    void updateObjectIdentity( AclObjectIdentity aclObjectIdentity, Acl acl );
 
-    @Nullable
-    AclSid find( Sid sid );
+    void deleteObjectIdentity( AclObjectIdentity objectIdentity, boolean deleteChildren );
 
-    List<ObjectIdentity> findChildren( ObjectIdentity parentIdentity );
+    void deleteSid( AclSid sid );
 
-    AclSid findOrCreate( Sid sid );
-
-    void update( MutableAcl acl );
+    @Nullable
+    AclSid findSid( AclSid sid );
 
+    @CheckReturnValue
+    AclSid findOrCreateSid( AclSid sid );
 }