org.springframework.security.acls.model.ObjectIdentity Java Examples

The following examples show how to use org.springframework.security.acls.model.ObjectIdentity. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AccessService.java    From kylin with Apache License 2.0 6 votes vote down vote up
@Transactional
public MutableAclRecord init(AclEntity ae, Permission initPermission) {
    MutableAclRecord acl = null;
    ObjectIdentity objectIdentity = new ObjectIdentityImpl(ae);

    try {
        // Create acl record for secured domain object.
        acl = (MutableAclRecord) aclService.createAcl(objectIdentity);
    } catch (AlreadyExistsException e) {
        acl = aclService.readAcl(objectIdentity);
    }

    if (null != initPermission) {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        PrincipalSid sid = new PrincipalSid(auth);
        acl = grant(ae, initPermission, sid);
    }

    return acl;
}
 
Example #2
Source File: JpaMutableAclService.java    From Spring-Security-Third-Edition with MIT License 6 votes vote down vote up
@Override
public MutableAcl createAcl(ObjectIdentity objectIdentity) throws AlreadyExistsException {
    Assert.notNull(objectIdentity, "Object Identity required");

    // Check this object identity hasn't already been persisted
    if (retrieveObjectIdentityPrimaryKey(objectIdentity) != null) {
        throw new AlreadyExistsException("Object identity '" + objectIdentity + "' already exists");
    }

    // Need to retrieve the current principal, in order to know who "owns" this ACL (can be changed later on)
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    PrincipalSid sid = new PrincipalSid(auth);

    // Create the acl_object_identity row
    createObjectIdentity(objectIdentity, sid);

    // Retrieve the ACL via superclass (ensures cache registration, proper retrieval etc)
    Acl acl = readAclById(objectIdentity);
    Assert.isInstanceOf(MutableAcl.class, acl, "MutableAcl should be been returned");

    return (MutableAcl) acl;
}
 
Example #3
Source File: JpaMutableAclService.java    From Spring-Security-Third-Edition with MIT License 6 votes vote down vote up
@Override
public MutableAcl createAcl(ObjectIdentity objectIdentity) throws AlreadyExistsException {
    Assert.notNull(objectIdentity, "Object Identity required");

    // Check this object identity hasn't already been persisted
    if (retrieveObjectIdentityPrimaryKey(objectIdentity) != null) {
        throw new AlreadyExistsException("Object identity '" + objectIdentity + "' already exists");
    }

    // Need to retrieve the current principal, in order to know who "owns" this ACL (can be changed later on)
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    PrincipalSid sid = new PrincipalSid(auth);

    // Create the acl_object_identity row
    createObjectIdentity(objectIdentity, sid);

    // Retrieve the ACL via superclass (ensures cache registration, proper retrieval etc)
    Acl acl = readAclById(objectIdentity);
    Assert.isInstanceOf(MutableAcl.class, acl, "MutableAcl should be been returned");

    return (MutableAcl) acl;
}
 
Example #4
Source File: AccessService.java    From kylin-on-parquet-v2 with Apache License 2.0 6 votes vote down vote up
@Transactional
public MutableAclRecord init(AclEntity ae, Permission initPermission) {
    MutableAclRecord acl = null;
    ObjectIdentity objectIdentity = new ObjectIdentityImpl(ae);

    try {
        // Create acl record for secured domain object.
        acl = (MutableAclRecord) aclService.createAcl(objectIdentity);
    } catch (AlreadyExistsException e) {
        acl = aclService.readAcl(objectIdentity);
    }

    if (null != initPermission) {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        PrincipalSid sid = new PrincipalSid(auth);
        acl = grant(ae, initPermission, sid);
    }

    return acl;
}
 
Example #5
Source File: DataServiceIT.java    From molgenis with GNU Lesser General Public License v3.0 6 votes vote down vote up
private static Map<ObjectIdentity, PermissionSet> getBasePermissionsMap(
    ApplicationContext applicationContext) {
  TestEntityStaticMetaData entityTypeStatic =
      applicationContext.getBean(TestEntityStaticMetaData.class);
  TestRefEntityStaticMetaData refEntityTypeStatic =
      applicationContext.getBean(TestRefEntityStaticMetaData.class);

  Map<ObjectIdentity, PermissionSet> basePermissions = new HashMap<>();
  basePermissions.put(new EntityTypeIdentity("sys_md_Package"), PermissionSet.READ);
  basePermissions.put(new EntityTypeIdentity("sys_md_EntityType"), PermissionSet.READ);
  basePermissions.put(new EntityTypeIdentity("sys_md_Attribute"), PermissionSet.READ);
  basePermissions.put(
      new EntityTypeIdentity("sys_dec_DecoratorConfiguration"), PermissionSet.READ);
  basePermissions.put(new EntityTypeIdentity(entityTypeStatic), PermissionSet.READ);
  basePermissions.put(new EntityTypeIdentity(refEntityTypeStatic), PermissionSet.READ);
  return basePermissions;
}
 
Example #6
Source File: AclService.java    From kylin-on-parquet-v2 with Apache License 2.0 6 votes vote down vote up
@Override
public Map<ObjectIdentity, Acl> readAclsById(List<ObjectIdentity> oids, List<Sid> sids) throws NotFoundException {
    Map<ObjectIdentity, Acl> aclMaps = new HashMap<>();
    for (ObjectIdentity oid : oids) {
        AclRecord record = getAclRecordByCache(objID(oid));
        if (record == null) {
            Message msg = MsgPicker.getMsg();
            throw new NotFoundException(String.format(Locale.ROOT, msg.getACL_INFO_NOT_FOUND(), oid));
        }

        Acl parentAcl = null;
        if (record.isEntriesInheriting() && record.getParentDomainObjectInfo() != null)
            parentAcl = readAclById(record.getParentDomainObjectInfo());

        record.init(parentAcl, aclPermissionFactory, permissionGrantingStrategy);

        aclMaps.put(oid, new MutableAclRecord(record));
    }
    return aclMaps;
}
 
Example #7
Source File: TransactionalJdbcMutableAclService.java    From molgenis with GNU Lesser General Public License v3.0 6 votes vote down vote up
/**
 * Same as {@link JdbcMutableAclService#createAcl(ObjectIdentity)} except for duplicate key
 * checking which is handled by by the database for performance reasons.
 */
@Transactional
@Override
public MutableAcl createAcl(ObjectIdentity objectIdentity) {
  Assert.notNull(objectIdentity, "Object Identity required");

  // Need to retrieve the current principal, in order to know who "owns" this ACL
  // (can be changed later on)
  Sid sid = SidUtils.createSecurityContextSid();

  try {
    // Create the acl_object_identity row
    createObjectIdentity(objectIdentity, sid);
  } catch (DuplicateKeyException e) {
    throw new AlreadyExistsException("Object identity '" + objectIdentity + "' already exists");
  }
  // Retrieve the ACL via superclass (ensures cache registration, proper retrieval
  // etc)
  Acl acl = readAclById(objectIdentity);
  Assert.isInstanceOf(MutableAcl.class, acl, "MutableAcl should be been returned");

  return (MutableAcl) acl;
}
 
Example #8
Source File: PermissionServiceDecoratorTest.java    From molgenis with GNU Lesser General Public License v3.0 6 votes vote down vote up
@Test
void testCreatePermission() {
  setSu();
  ObjectIdentity objectIdentity = new ObjectIdentityImpl("type", "identifier");
  Sid sid = new PrincipalSid("user");

  MutableAcl acl = mock(MutableAcl.class);
  when(acl.getOwner()).thenReturn(sid);
  when(mutableAclService.readAclById(objectIdentity)).thenReturn(acl);

  Permission permission = Permission.create(objectIdentity, sid, PermissionSet.WRITE);

  when(mutableAclClassService.getAclClassTypes()).thenReturn(singletonList("type"));

  permissionServiceDecorator.createPermission(permission);
  verify(permissionService).createPermission(permission);
  resetContext();
}
 
Example #9
Source File: JpaMutableAclService.java    From Spring-Security-Third-Edition with MIT License 6 votes vote down vote up
@Override
public MutableAcl createAcl(ObjectIdentity objectIdentity) throws AlreadyExistsException {
    Assert.notNull(objectIdentity, "Object Identity required");

    // Check this object identity hasn't already been persisted
    if (retrieveObjectIdentityPrimaryKey(objectIdentity) != null) {
        throw new AlreadyExistsException("Object identity '" + objectIdentity + "' already exists");
    }

    // Need to retrieve the current principal, in order to know who "owns" this ACL (can be changed later on)
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    PrincipalSid sid = new PrincipalSid(auth);

    // Create the acl_object_identity row
    createObjectIdentity(objectIdentity, sid);

    // Retrieve the ACL via superclass (ensures cache registration, proper retrieval etc)
    Acl acl = readAclById(objectIdentity);
    Assert.isInstanceOf(MutableAcl.class, acl, "MutableAcl should be been returned");

    return (MutableAcl) acl;
}
 
Example #10
Source File: JpaMutableAclService.java    From Spring-Security-Third-Edition with MIT License 6 votes vote down vote up
@Override
public MutableAcl createAcl(ObjectIdentity objectIdentity) throws AlreadyExistsException {
    Assert.notNull(objectIdentity, "Object Identity required");

    // Check this object identity hasn't already been persisted
    if (retrieveObjectIdentityPrimaryKey(objectIdentity) != null) {
        throw new AlreadyExistsException("Object identity '" + objectIdentity + "' already exists");
    }

    // Need to retrieve the current principal, in order to know who "owns" this ACL (can be changed later on)
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    PrincipalSid sid = new PrincipalSid(auth);

    // Create the acl_object_identity row
    createObjectIdentity(objectIdentity, sid);

    // Retrieve the ACL via superclass (ensures cache registration, proper retrieval etc)
    Acl acl = readAclById(objectIdentity);
    Assert.isInstanceOf(MutableAcl.class, acl, "MutableAcl should be been returned");

    return (MutableAcl) acl;
}
 
Example #11
Source File: OntologyImportServiceIT.java    From molgenis with GNU Lesser General Public License v3.0 6 votes vote down vote up
private void populateUserPermissions() {
  Map<ObjectIdentity, PermissionSet> permissionMap = new HashMap<>();
  permissionMap.put(
      new EntityTypeIdentity("sys_ont_OntologyTermDynamicAnnotation"), PermissionSet.WRITE);
  permissionMap.put(new EntityTypeIdentity("sys_ont_OntologyTermNodePath"), PermissionSet.WRITE);
  permissionMap.put(new EntityTypeIdentity("sys_ont_OntologyTermSynonym"), PermissionSet.WRITE);
  permissionMap.put(new EntityTypeIdentity("sys_ont_Ontology"), PermissionSet.WRITE);
  permissionMap.put(new EntityTypeIdentity("sys_ont_OntologyTerm"), PermissionSet.WRITE);
  permissionMap.put(new EntityTypeIdentity("sys_dec_DecoratorConfiguration"), PermissionSet.READ);

  Sid sid = SidUtils.createUserSid(getCurrentUsername());
  for (Entry<ObjectIdentity, PermissionSet> entry : permissionMap.entrySet()) {
    runAsSystem(
        () -> {
          testPermissionService.createPermission(
              Permission.create(entry.getKey(), sid, entry.getValue()));
        });
  }
}
 
Example #12
Source File: PackageRepositorySecurityDecorator.java    From molgenis with GNU Lesser General Public License v3.0 6 votes vote down vote up
@Override
public void createAcl(Package pack) {
  PackageIdentity packageIdentity = new PackageIdentity(pack);
  MutableAcl acl;
  try {
    acl = mutableAclService.createAcl(packageIdentity);
  } catch (AlreadyExistsException e) {
    throw new EntityAlreadyExistsException(pack, e);
  }
  if (pack.getParent() != null) {
    ObjectIdentity parentIdentity = new PackageIdentity(pack.getParent());
    Acl parentAcl = mutableAclService.readAclById(parentIdentity);
    acl.setParent(parentAcl);
    mutableAclService.updateAcl(acl);
  }
}
 
Example #13
Source File: VcfImportServiceIT.java    From molgenis with GNU Lesser General Public License v3.0 6 votes vote down vote up
private void populateUserPermissions() {
  Map<ObjectIdentity, PermissionSet> permissionMap = new HashMap<>();
  permissionMap.put(new EntityTypeIdentity("sys_md_Package"), PermissionSet.WRITE);
  permissionMap.put(new PackageIdentity(VCF_PACKAGE_ID), PermissionSet.WRITEMETA);
  permissionMap.put(new EntityTypeIdentity("sys_md_EntityType"), PermissionSet.WRITE);
  permissionMap.put(new EntityTypeIdentity("sys_md_Attribute"), PermissionSet.WRITE);
  permissionMap.put(new EntityTypeIdentity("sys_dec_DecoratorConfiguration"), PermissionSet.READ);

  Sid sid = createUserSid(requireNonNull(getCurrentUsername()));
  for (Entry<ObjectIdentity, PermissionSet> entry : permissionMap.entrySet()) {
    runAsSystem(
        () -> {
          testPermissionService.createPermission(
              Permission.create(entry.getKey(), sid, entry.getValue()));
        });
  }
}
 
Example #14
Source File: AclService.java    From kylin with Apache License 2.0 5 votes vote down vote up
@Override
public MutableAcl createAcl(ObjectIdentity objectIdentity) throws AlreadyExistsException {
    try (AutoLock l = lock.lockForWrite()) {
        AclRecord aclRecord = getAclRecordByCache(objID(objectIdentity));
        if (aclRecord != null) {
            throw new AlreadyExistsException("ACL of " + objectIdentity + " exists!");
        }
        AclRecord record = newPrjACL(objectIdentity);
        crud.save(record);
        logger.debug("ACL of " + objectIdentity + " created successfully.");
    } catch (IOException e) {
        throw new InternalErrorException(e);
    }
    return (MutableAcl) readAclById(objectIdentity);
}
 
Example #15
Source File: JpaMutableAclService.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
private void clearCacheIncludingChildren(ObjectIdentity objectIdentity) {
    Assert.notNull(objectIdentity, "ObjectIdentity required");
    List<ObjectIdentity> children = findChildren(objectIdentity);
    if (children != null) {
        for (ObjectIdentity child : children) {
            clearCacheIncludingChildren(child);
        }
    }
    aclCache.evictFromCache(objectIdentity);
}
 
Example #16
Source File: SecurityACLDAO.java    From spring-data-rest-acl with Apache License 2.0 5 votes vote down vote up
@Transactional(readOnly = false)
public void deletePermission(AbstractSecuredEntity element) {
    // Delete the ACL information as well
    //ObjectIdentity oid = new ObjectIdentityImpl(AbstractSecuredEntity.class, element.getId());
    ObjectIdentity oid = new ObjectIdentityImpl(element);
    mutableAclService.deleteAcl(oid, false);
}
 
Example #17
Source File: PermissionServiceDecoratorTest.java    From molgenis with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Test
void testDeletePermission() {
  setSu();
  ObjectIdentity objectIdentity = new ObjectIdentityImpl("type", "identifier");
  Sid sid = new PrincipalSid("user");

  MutableAcl acl = mock(MutableAcl.class);
  when(acl.getOwner()).thenReturn(sid);
  when(mutableAclService.readAclById(objectIdentity)).thenReturn(acl);
  when(mutableAclClassService.getAclClassTypes()).thenReturn(singletonList("type"));
  permissionServiceDecorator.deletePermission(sid, objectIdentity);
  verify(permissionService).deletePermission(sid, objectIdentity);
  resetContext();
}
 
Example #18
Source File: JpaMutableAclService.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
/**
 * Creates an entry in the acl_object_identity table for the passed ObjectIdentity. The Sid is also
 * necessary, as acl_object_identity has defined the sid column as non-null.
 *
 * @param object to represent an acl_object_identity for
 * @param owner for the SID column (will be created if there is no acl_sid entry for this particular Sid already)
 * @return
 */
protected void createObjectIdentity(ObjectIdentity object, Sid owner) {
    AclSid sid = createOrRetrieveSidPrimaryKey(owner, true);
    AclClass clazz = createOrRetrieveClassPrimaryKey(object.getType(), true);
    AclObjectIdentity identity = new AclObjectIdentity();
    identity.setObjIdClass(clazz);
    identity.setObjIdIdentity((Long) object.getIdentifier());
    identity.setOwner(sid);
    identity.setEntriesInheriting(Boolean.TRUE);
    aclDao.createObjectIdentity(identity);

}
 
Example #19
Source File: AclService.java    From Kylin with Apache License 2.0 5 votes vote down vote up
@Override
public Acl readAclById(ObjectIdentity object, List<Sid> sids) throws NotFoundException {
    Map<ObjectIdentity, Acl> aclsMap = readAclsById(Arrays.asList(object), sids);
    Assert.isTrue(aclsMap.containsKey(object), "There should have been an Acl entry for ObjectIdentity " + object);

    return aclsMap.get(object);
}
 
Example #20
Source File: PermissionServiceImpl.java    From molgenis with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Override
public Set<LabelledPermission> getPermissionsForObject(
    ObjectIdentity objectIdentity, Set<Sid> sids, boolean isReturnInheritedPermissions) {
  checkTypeExists(objectIdentity.getType());
  entityHelper.checkEntityExists(objectIdentity);
  Acl acl = mutableAclService.readAclById(objectIdentity);
  return getPermissionResponses(acl, isReturnInheritedPermissions, sids);
}
 
Example #21
Source File: JpaAclDao.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
@Override
public List<ObjectIdentity> findChildren(Serializable identifier, String type) {
    Query query = entityManager.createQuery("select aoi from AclObjectIdentity aoi, AclObjectIdentity parent, AclClass aclClass where aoi.parentObject = parent and aoi.objIdClass = aclClass and parent.objIdIdentity = :objIdIdentity and parent.objIdClass = (select acl FROM AclClass acl where acl.clazz = :clazz)");
    query.setParameter("objIdIdentity", identifier);
    query.setParameter("clazz", type);

    return query.getResultList();
}
 
Example #22
Source File: ObjectIdentityServiceImplTest.java    From molgenis with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Test
void testGetObjectIdentities3() {
  List<Map<String, Object>> result = new ArrayList<>();
  Map<String, Object> result1 = new HashMap<>();
  result1.put("object_id_identity", "test1");
  result1.put("class", "classId");
  Map<String, Object> result2 = new HashMap<>();
  result2.put("object_id_identity", "test2");
  result2.put("class", "classId");
  result.addAll(Arrays.asList(result1, result2));

  Map<String, Object> paramMap = new HashMap<>();
  paramMap.put("classId", "classId");
  paramMap.put("sids", Collections.singletonList("user1"));
  doReturn(new Integer(12))
      .when(jdbcTemplate)
      .queryForObject(
          "SELECT COUNT( DISTINCT acl_object_identity.object_id_identity) FROM acl_object_identity LEFT JOIN acl_class ON acl_object_identity.object_id_class = acl_class.id LEFT JOIN acl_entry ON acl_entry.acl_object_identity = acl_object_identity.id LEFT JOIN acl_sid ON acl_entry.sid = acl_sid.id WHERE acl_class.class = :classId AND acl_sid.sid IN (:sids)",
          paramMap,
          Integer.class);
  Map<String, Object> paramMap2 = new HashMap<>();
  paramMap2.put("classId", "classId");
  paramMap2.put("sids", Collections.singletonList("user1"));
  doReturn(result)
      .when(jdbcTemplate)
      .queryForList(
          "SELECT DISTINCT acl_object_identity.object_id_identity, acl_class.class FROM acl_object_identity LEFT JOIN acl_class ON acl_object_identity.object_id_class = acl_class.id LEFT JOIN acl_entry ON acl_entry.acl_object_identity = acl_object_identity.id LEFT JOIN acl_sid ON acl_entry.sid = acl_sid.id WHERE acl_class.class = :classId AND acl_sid.sid IN (:sids) ORDER BY acl_object_identity.object_id_identity ASC",
          paramMap2);
  Sid sid = new PrincipalSid("user1");
  ObjectIdentity identity1 = mock(ObjectIdentity.class);
  ObjectIdentity identity2 = mock(ObjectIdentity.class);
  doReturn(identity1).when(entityHelper).getObjectIdentity("classId", "test1");
  doReturn(identity2).when(entityHelper).getObjectIdentity("classId", "test2");
  List<ObjectIdentity> expected = Arrays.asList(identity1, identity2);
  assertEquals(expected, objectIdentityService.getObjectIdentities("classId", singleton(sid)));
}
 
Example #23
Source File: JpaMutableAclService.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
private void clearCacheIncludingChildren(ObjectIdentity objectIdentity) {
    Assert.notNull(objectIdentity, "ObjectIdentity required");
    List<ObjectIdentity> children = findChildren(objectIdentity);
    if (children != null) {
        for (ObjectIdentity child : children) {
            clearCacheIncludingChildren(child);
        }
    }
    aclCache.evictFromCache(objectIdentity);
}
 
Example #24
Source File: UpdatePermissionDeniedExceptionTest.java    From molgenis with GNU Lesser General Public License v3.0 5 votes vote down vote up
@ParameterizedTest
@MethodSource("languageMessageProvider")
@Override
protected void testGetLocalizedMessage(String lang, String message) {
  ObjectIdentity objectIdentity = Mockito.mock(ObjectIdentity.class);
  Mockito.when(objectIdentity.getIdentifier()).thenReturn("identifier");
  Mockito.when(objectIdentity.getType()).thenReturn("type");
  ExceptionMessageTest.assertExceptionMessageEquals(
      new InsufficientPermissionsException(
          objectIdentity, Collections.singletonList("superuser")),
      lang,
      message);
}
 
Example #25
Source File: ObjectIdentityImpl.java    From kylin with Apache License 2.0 5 votes vote down vote up
/**
 * Important so caching operates properly.
 * <p>
 * Considers an object of the same class equal if it has the same
 * <code>classname</code> and <code>id</code> properties.
 * <p>
 * Numeric identities (Integer and Long values) are considered equal if they are
 * numerically equal. Other serializable types are evaluated using a simple equality.
 *
 * @param arg0 object to compare
 *
 * @return <code>true</code> if the presented object matches this object
 */
public boolean equals(Object arg0) {
    if (arg0 == null || !(arg0 instanceof ObjectIdentity)) {
        return false;
    }

    ObjectIdentity other = (ObjectIdentity) arg0;

    if (!identifier.equals(other.getIdentifier())) {
        return false;
    }

    return type.equals(other.getType());
}
 
Example #26
Source File: JpaMutableAclService.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
@Override
public Map<ObjectIdentity, Acl> readAclsById(List<ObjectIdentity> objects, List<Sid> sids) throws NotFoundException {
    Map<ObjectIdentity, Acl> result = lookupStrategy.readAclsById(objects, sids);

    // Check every requested object identity was found (throw NotFoundException if needed)
    for (ObjectIdentity oid : objects) {
        if (!result.containsKey(oid)) {
            throw new NotFoundException("Unable to find ACL information for object identity '" + oid + "'");
        }
    }

    return result;
}
 
Example #27
Source File: CopyServiceIT.java    From molgenis with GNU Lesser General Public License v3.0 5 votes vote down vote up
private Map<ObjectIdentity, PermissionSet> getPermissionMap() {
  Map<ObjectIdentity, PermissionSet> permissionMap = new HashMap<>();
  permissionMap.put(new EntityTypeIdentity("sys_md_Package"), PermissionSet.WRITE);
  permissionMap.put(new EntityTypeIdentity("sys_md_EntityType"), PermissionSet.WRITE);
  permissionMap.put(new EntityTypeIdentity("sys_md_Attribute"), PermissionSet.WRITE);
  permissionMap.put(new EntityTypeIdentity("sys_Language"), PermissionSet.READ);
  permissionMap.put(new EntityTypeIdentity("sys_L10nString"), PermissionSet.READ);
  permissionMap.put(new EntityTypeIdentity(DECORATOR_CONFIGURATION), PermissionSet.READ);
  permissionMap.put(new PackageIdentity(PACKAGE_A), PermissionSet.READ);
  return permissionMap;
}
 
Example #28
Source File: PermissionServiceImpl.java    From molgenis with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Override
public Map<String, Set<LabelledPermission>> getPermissionsForType(
    String typeId, Set<Sid> sids, boolean isReturnInherited) {
  entityHelper.checkEntityTypeExists(typeId);
  List<ObjectIdentity> objectIdentities = getObjectIdentities(typeId, sids, isReturnInherited);
  Map<ObjectIdentity, Acl> aclMap = readAcls(sids, objectIdentities);

  return getPermissions(aclMap, objectIdentities, sids, isReturnInherited);
}
 
Example #29
Source File: PermissionPopulator.java    From molgenis with GNU Lesser General Public License v3.0 5 votes vote down vote up
private void populate(PermissionRegistry systemPermissionRegistry) {
  Multimap<ObjectIdentity, Pair<PermissionSet, Sid>> systemPermissions =
      systemPermissionRegistry.getPermissions();

  Multimap<ObjectIdentity, Pair<PermissionSet, Sid>> newSystemPermissions =
      filterEntries(
          systemPermissions,
          entry -> entry != null && isNewPermission(entry.getKey(), entry.getValue()));

  newSystemPermissions.asMap().forEach(this::populate);
}
 
Example #30
Source File: ObjectIdentityServiceImpl.java    From molgenis with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Override
public List<ObjectIdentity> getObjectIdentities(String classId, int limit, int offset) {
  Map<String, Object> paramMap = new HashMap<>();
  paramMap.put(CLASS_ID, classId);
  paramMap.put(LIMIT, limit);
  paramMap.put(OFFSET, offset);
  List<Map<String, Object>> result =
      getTemplate()
          .queryForList(SQL_SELECT_OBJECT_IDENTITIES + WHERE_CLASS + ORDER_BY + PAGE, paramMap);
  return parseToStringList(result);
}