public PermissionTarget asPermissionTarget() { return new PermissionTarget( PermissionTargetType.GROUP, id(), getName(), getDescription() ); } }
public AccountGroup withId(ID id) { checkLock(); return new AccountGroup( id, name, description, authorisations, locked ); }
protected AccountGroup groupWithACL(AccountGroup group) { return group // Global role .withGlobalRole( roleRepository.findGlobalRoleByGroup(group.id()).flatMap(rolesService::getGlobalRole) ) // Project roles .withProjectRoles( roleRepository.findProjectRoleAssociationsByGroup(group.id(), rolesService::getProjectRoleAssociation) ) // OK .lock(); } }
@Override public Optional<GlobalRole> getGlobalRoleForAccountGroup(AccountGroup group) { return roleRepository.findGlobalRoleByGroup(group.id()) .flatMap(rolesService::getGlobalRole); }
@Override public AccountGroup newAccountGroup(AccountGroup group) { try { return group.withId( ID.of( dbCreate( "INSERT INTO ACCOUNT_GROUPS (NAME, DESCRIPTION) " + "VALUES (:name, :description)", params("name", group.getName()) .addValue("description", group.getDescription()) ) ) ); } catch (DuplicateKeyException ex) { throw new AccountGroupNameAlreadyDefinedException(group.getName()); } }
private Optional<GlobalPermission> getGroupGlobalPermission(AccountGroup group) { Optional<String> roleId = roleRepository.findGlobalRoleByGroup(group.id()); if (roleId.isPresent()) { Optional<GlobalRole> globalRole = rolesService.getGlobalRole(roleId.get()); if (globalRole.isPresent()) { return Optional.of( new GlobalPermission( group.asPermissionTarget(), globalRole.get() ) ); } } return Optional.empty(); }
group -> contains(group.getName(), name) || contains(group.getDescription(), name) );
private DataFetcher adminAccountGroupMappingsFetcher() { return environment -> { Predicate<AccountGroupMapping> filter = agm -> true; // Filter on name Optional<String> nameArgument = GraphqlUtils.getStringArgument(environment, MAPPING_NAME_ARGUMENT); if (nameArgument.isPresent()) { filter = filter.and(agm -> StringUtils.equals(nameArgument.get(), agm.getName()) ); } // Filter on group Optional<String> groupArgument = GraphqlUtils.getStringArgument(environment, MAPPING_GROUP_ARGUMENT); if (groupArgument.isPresent()) { filter = filter.and(agm -> StringUtils.equals(groupArgument.get(), agm.getGroup().getName()) ); } // List return accountGroupMappingService.getMappings( GraphqlUtils.getStringArgument(environment, MAPPING_TYPE_ARGUMENT) .orElseThrow(() -> new IllegalStateException("Required argument: " + MAPPING_TYPE_ARGUMENT)) ) .stream() .filter(filter) .collect(Collectors.toList()); }; }
@Override public AccountGroup createGroup(NameDescription nameDescription) { securityService.checkGlobalFunction(AccountGroupManagement.class); // Creates the account group AccountGroup group = AccountGroup.of(nameDescription.getName(), nameDescription.getDescription()); // Saves it return accountGroupRepository.newAccountGroup(group); }
public AccountGroup withProjectRoles(Collection<ProjectRoleAssociation> projectRoleAssociations) { checkLock(); authorisations = authorisations.withProjectRoles(projectRoleAssociations); return this; }
public AccountGroup lock() { return new AccountGroup( id, name, description, authorisations, true ); }
@Override public List<AccountGroupSelection> getAccountGroupsForSelection(ID accountId) { // Account groups or none Set<Integer> accountGroupIds = accountId.ifSet(accountGroupRepository::findByAccount) .orElse(Collections.emptyList()) .stream() .map(Entity::id) .collect(Collectors.toSet()); // Collection of groups with the selection return getAccountGroups().stream() .map(group -> AccountGroupSelection.of(group, accountGroupIds.contains(group.id()))) .collect(Collectors.toList()); }
private Optional<ProjectPermission> getGroupProjectPermission(ID projectId, AccountGroup accountGroup) { Optional<ProjectRoleAssociation> roleAssociationOptional = roleRepository.findProjectRoleAssociationsByGroup( accountGroup.id(), projectId.getValue(), rolesService::getProjectRoleAssociation ); if (roleAssociationOptional.isPresent()) { return Optional.of( new ProjectPermission( projectId, accountGroup.asPermissionTarget(), roleAssociationOptional.get().getProjectRole() ) ); } else { return Optional.empty(); } }
filter = filter.and( account -> account.getAccountGroups().stream().anyMatch( grp -> contains(grp.getName(), group)
public AccountGroup withProjectRole(ProjectRoleAssociation projectRoleAssociation) { checkLock(); authorisations = authorisations.withProjectRole(projectRoleAssociation); return this; }
public static AccountGroup of(String name, String description) { return new AccountGroup( ID.NONE, name, description, Authorisations.none(), false); }
@Override public void update(AccountGroup group) { try { getNamedParameterJdbcTemplate().update( "UPDATE ACCOUNT_GROUPS SET NAME = :name, DESCRIPTION = :description " + "WHERE ID = :id", params("name", group.getName()) .addValue("description", group.getDescription()) .addValue("id", group.id()) ); } catch (DuplicateKeyException ex) { throw new AccountGroupNameAlreadyDefinedException(group.getName()); } }
@Override public Collection<ProjectRoleAssociation> getProjectPermissionsForAccountGroup(AccountGroup group) { return roleRepository.findProjectRoleAssociationsByGroup( group.id(), rolesService::getProjectRoleAssociation ) .stream() // Filter by authorisation .filter(projectRoleAssociation -> securityService.isProjectFunctionGranted( projectRoleAssociation.getProjectId(), ProjectAuthorisationMgt.class )) // OK .collect(Collectors.toList()); }