WOPILockSecurityPolicy (Nuxeo 2021.64.6 API Documentation)

java.lang.Object
- org.nuxeo.ecm.core.security.AbstractSecurityPolicy
- - org.nuxeo.ecm.core.security.LockSecurityPolicy
  - - org.nuxeo.wopi.lock.WOPILockSecurityPolicy

All Implemented Interfaces:

SecurityPolicy
```
public class WOPILockSecurityPolicy
extends LockSecurityPolicy
```
Security policy to allow collaborative edition with WOPI.
See Co-authoring using Office Online.
Unlike the standard LockSecurityPolicy, even if the document is locked by someone else, the WRITE permission is not blocked if a WOPI lock exists for the document and the request originated from a WOPI client.
This handles the case of multiple users editing a document at the same time in Office Online, which is considered by the Nuxeo WOPI host as a single WOPI client.

Since:

10.3

Nested Class Summary
- Nested classes/interfaces inherited from interface org.nuxeo.ecm.core.security.SecurityPolicy
  SecurityPolicy.IdentityQueryTransformer, SecurityPolicy.QueryTransformer

Field Summary
- Fields inherited from class org.nuxeo.ecm.core.security.LockSecurityPolicy
  IGNORE_POLICY

Constructor Summary

Constructors
Constructor Description

WOPILockSecurityPolicy()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`Access`	`checkPermission(Document doc, ACP mergedAcp, NuxeoPrincipal principal, String permission, String[] resolvedPermissions, String[] additionalPrincipals)`	Checks given permission for doc and principal.

Methods inherited from class org.nuxeo.ecm.core.security.LockSecurityPolicy
getQueryTransformer, isExpressibleInQuery, isIgnorePolicy, isRestrictingPermission, setIgnorePolicy

Methods inherited from class org.nuxeo.ecm.core.security.AbstractSecurityPolicy
getQueryTransformer, isExpressibleInQuery

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - WOPILockSecurityPolicy
```
public WOPILockSecurityPolicy()
```
- Method Detail
  - checkPermission
```
public Access checkPermission(Document doc,
                              ACP mergedAcp,
                              NuxeoPrincipal principal,
                              String permission,
                              String[] resolvedPermissions,
                              String[] additionalPrincipals)
```
    Description copied from interface: SecurityPolicy
    
    Checks given permission for doc and principal.
    Note that for the Browse permission, which is also implemented in SQL using SecurityPolicy.getQueryTransformer(java.lang.String), a security policy must never bypass standard ACL access, it must only return DENY or UNKNOWN. Failing to do this would make direct access and queries behave differently.
    
    Specified by:
    
    checkPermission in interface SecurityPolicy
    
    Overrides:
    
    checkPermission in class LockSecurityPolicy
    
    Parameters:
    
    doc - the document to check
    
    mergedAcp - merged ACP resolved for this document
    
    principal - principal to check
    
    permission - permission to check
    
    resolvedPermissions - permissions or groups of permissions containing permission
    
    Returns:
    
    access: GRANT, DENY, or UNKNOWN. When UNKNOWN is returned, following policies or default core security are applied.