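/**
 * Converts a {@link GrantObject} into its REST representation.
 *
 * <p>Every grant is mapped through {@code map(String, Grant)} together with the object's name,
 * in the iteration order of {@code grantObject.getGrants()}.
 *
 * @param grantObject the grant object to convert; it is dereferenced without a null check
 * @return a new {@code RestGrantObject} carrying the object name and the mapped grants
 */
public static RestGrantObject map(GrantObject grantObject) {
    // getGrants() is read once, in the loop header; a separate call whose result is discarded
    // adds nothing, so none is made here.
    String objectName = grantObject.getObjectName();
    List<RestGrant> mappedGrants = new ArrayList<>();
    for (Grant grant : grantObject.getGrants()) {
        mappedGrants.add(map(objectName, grant));
    }
    return new RestGrantObject(objectName, mappedGrants);
}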
/**
 * Looks up the grant held by a user by delegating to the wrapped grant object.
 *
 * @param userName name of the user whose grant is requested
 * @return whatever the wrapped {@code grantObject.getGrant(userName)} returns, passed through
 *     unchanged
 */
@Override
public Grant getGrant(String userName) {
    Grant delegateGrant = grantObject.getGrant(userName);
    return delegateGrant;
}
/**
 * Reports whether a user holds the given access mode, as decided by the wrapped grant object.
 *
 * <p>No additional check is applied here; the answer is entirely the delegate's.
 *
 * @param userName name of the user being checked
 * @param mode access mode being asked about
 * @return the result of the wrapped {@code grantObject.isGranted(userName, mode)}
 */
@Override
public boolean isGranted(String userName, AccessMode mode) {
    boolean granted = grantObject.isGranted(userName, mode);
    return granted;
}
/**
 * Returns the name of the object these grants apply to, as reported by the wrapped grant object.
 *
 * @return the result of the wrapped {@code grantObject.getObjectName()}
 */
@Override
public String getObjectName() {
    String objectName = grantObject.getObjectName();
    return objectName;
}
/**
 * Returns the grants of the wrapped grant object.
 *
 * <p>The delegate's list is handed back as-is, without copying or wrapping.
 * NOTE(review): whether that list is mutable is not visible here; confirm before letting
 * callers outside the security layer hold on to it.
 *
 * @return the list returned by the wrapped {@code grantObject.getGrants()}
 */
@Override
public List<Grant> getGrants() {
    List<Grant> delegateGrants = grantObject.getGrants();
    return delegateGrants;
}
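/**
 * Revokes the grant a user holds on an object and persists the updated, re-encrypted grant set.
 *
 * <p>{@code authorize(currentSession, "/Grants", AccessMode.DELETE)} is invoked first, before
 * anything is loaded or changed.
 *
 * @param currentSession session of the caller performing the revoke; it is also passed to
 *     {@code encryptGrants} when the grants are re-encrypted
 * @param object name of the object the grant applies to
 * @param userName user whose grant is removed
 * @throws JasDBSecurityException if no grant object is found for {@code object}
 * @throws JasDBStorageException the declared failure type of this operation
 */
@Override
public void revoke(UserSession currentSession, String object, String userName) throws JasDBStorageException {
    authorize(currentSession, "/Grants", AccessMode.DELETE);

    try {
        GrantObject grantObject = getMutableGrantObject(currentSession, object);
        if (grantObject == null) {
            throw new JasDBSecurityException("Unable to revoke grant, no object: " + object + " was found with grantObject for user: " + userName);
        }

        grantObject.removeGrant(userName);
        getGrantProvider().persistGrant(encryptGrants(grantObject, currentSession));
    } finally {
        // Evict on every exit path, the same way grantUser does. If encryption or persistence
        // fails after removeGrant has run, the next lookup then reloads the grants rather than
        // being answered from a cache entry that may no longer match what was persisted.
        cachedGrants.remove(object);
    }
}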
/**
 * Grants a user an access mode on an object and persists the encrypted grant set.
 *
 * <p>{@code authorize(currentSession, "/Grants", AccessMode.WRITE)} is invoked before any grant
 * data is touched. If the provider already has grants for the object, the new grant is added to
 * the existing grant object; otherwise a new grant object holding only this grant is created.
 * The cache entry for the object is removed on every exit path after authorization.
 *
 * @param currentSession session of the caller; also passed to {@code encryptGrants}
 * @param object name of the object the grant applies to
 * @param userName user receiving the grant
 * @param mode access mode being granted
 * @throws JasDBStorageException the declared failure type of this operation
 */
@Override
public void grantUser(UserSession currentSession, String object, String userName, AccessMode mode) throws JasDBStorageException {
    authorize(currentSession, "/Grants", AccessMode.WRITE);

    try {
        GrantMetadataProvider provider = getGrantProvider();
        GrantObject target;
        if (!provider.hasGrant(object)) {
            // First grant on this object: start a fresh grant object.
            target = new GrantObjectMeta(object, new GrantMeta(userName, mode));
        } else {
            target = getMutableGrantObject(currentSession, object);
            target.addGrant(new GrantMeta(userName, mode));
        }
        provider.persistGrant(encryptGrants(target, currentSession));
    } finally {
        // Drop the cached entry whether or not persisting succeeded.
        cachedGrants.remove(object);
    }
}
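/**
 * Serializes a grant object to JSON and encrypts it under the session's content key.
 *
 * <p>The content key is recovered by decrypting the session's encrypted content key with the
 * user's password salt and the session access token. A new salt is generated on every call and
 * returned with the ciphertext and the engine descriptor.
 *
 * @param grantObject grants to serialize and encrypt
 * @param userSession session supplying the user, access token and encrypted content key
 * @return the object name, ciphertext, salt and crypto engine descriptor
 * @throws JasDBStorageException the declared failure type of this operation
 */
private EncryptedGrants encryptGrants(GrantObject grantObject, UserSession userSession) throws JasDBStorageException {
    // One engine lookup: the content key is decrypted, the grants are encrypted and the stored
    // descriptor is produced by the same engine instance.
    CryptoEngine cryptoEngine = CryptoFactory.getEngine();

    // contentKey and plainGrants are plaintext secrets; keep them in locals only and never put
    // them in log lines or exception messages.
    String contentKey = cryptoEngine.decrypt(
            userSession.getUser().getPasswordSalt(),
            userSession.getAccessToken(),
            userSession.getEncryptedContentKey());

    String salt = cryptoEngine.generateSalt();
    String plainGrants = SimpleEntity.toJson(GrantObjectMeta.toEntity(grantObject));
    String encryptedData = cryptoEngine.encrypt(salt, contentKey, plainGrants);

    return new EncryptedGrants(grantObject.getObjectName(), encryptedData, salt, cryptoEngine.getDescriptor());
}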
/**
 * Builds the entity form of a grant object.
 *
 * <p>The object name is stored under {@code Constants.GRANT_OBJECT}. Each grant becomes an
 * embedded entity, added under {@code Constants.GRANTS}, that carries the granted user name
 * ({@code Constants.GRANT_USER}) and the access mode value ({@code Constants.GRANT_MODE}).
 *
 * @param grantObject grant object to convert
 * @return a new {@code SimpleEntity} describing the object and all of its grants
 */
public static SimpleEntity toEntity(GrantObject grantObject) {
    SimpleEntity root = new SimpleEntity();
    root.addProperty(Constants.GRANT_OBJECT, grantObject.getObjectName());

    for (Grant current : grantObject.getGrants()) {
        EmbeddedEntity embedded = new EmbeddedEntity();
        embedded.setProperty(Constants.GRANT_USER, current.getGrantedUsername());
        embedded.setProperty(Constants.GRANT_MODE, current.getAccessMode().getMode());
        root.addEntity(Constants.GRANTS, embedded);
    }

    return root;
}
/**
 * Resolves the access mode a user holds on a grant object.
 *
 * @param grantObject grant object to inspect; may be null
 * @param username user whose grant is looked up
 * @return the access mode of the user's grant, or {@code null} when the grant object is null or
 *     holds no grant for that user
 */
private AccessMode verifyGrantMode(GrantObject grantObject, String username) {
    if (grantObject == null) {
        return null;
    }

    Grant userGrant = grantObject.getGrant(username);
    if (userGrant == null) {
        // No grant for this user: callers receive null, not a default mode.
        return null;
    }
    return userGrant.getAccessMode();
}
}