public boolean isGranted(int projectId, Class<? extends ProjectFunction> fn) { return (globalRole != null && globalRole.isProjectFunctionGranted(fn)) || projectRoleAssociations.stream().anyMatch(pa -> pa.getProjectId() == projectId && pa.isGranted(fn)); }
@Override public Collection<ProjectRoleAssociation> getProjectPermissionsForAccount(Account account) { return roleRepository.findProjectRoleAssociationsByAccount( account.id(), rolesService::getProjectRoleAssociation ) .stream() // Filter by authorisation .filter(projectRoleAssociation -> securityService.isProjectFunctionGranted( projectRoleAssociation.getProjectId(), ProjectAuthorisationMgt.class )) // OK .collect(Collectors.toList()); }
private Optional<ProjectPermission> getGroupProjectPermission(ID projectId, AccountGroup accountGroup) { Optional<ProjectRoleAssociation> roleAssociationOptional = roleRepository.findProjectRoleAssociationsByGroup( accountGroup.id(), projectId.getValue(), rolesService::getProjectRoleAssociation ); if (roleAssociationOptional.isPresent()) { return Optional.of( new ProjectPermission( projectId, accountGroup.asPermissionTarget(), roleAssociationOptional.get().getProjectRole() ) ); } else { return Optional.empty(); } }
public T with(int projectId, Class<? extends ProjectFunction> fn) { account.withProjectRole( new ProjectRoleAssociation( projectId, new ProjectRole( "test", "Test", "", Collections.singleton(fn) ) ) ); //noinspection unchecked return (T) this; }
@Override public Collection<ProjectRoleAssociation> getProjectPermissionsForAccountGroup(AccountGroup group) { return roleRepository.findProjectRoleAssociationsByGroup( group.id(), rolesService::getProjectRoleAssociation ) .stream() // Filter by authorisation .filter(projectRoleAssociation -> securityService.isProjectFunctionGranted( projectRoleAssociation.getProjectId(), ProjectAuthorisationMgt.class )) // OK .collect(Collectors.toList()); }
private Optional<ProjectPermission> getProjectPermission(ID projectId, Account account) { Optional<ProjectRoleAssociation> roleAssociationOptional = roleRepository.findProjectRoleAssociationsByAccount( account.id(), projectId.getValue(), rolesService::getProjectRoleAssociation ); if (roleAssociationOptional.isPresent()) { return Optional.of( new ProjectPermission( projectId, account.asPermissionTarget(), roleAssociationOptional.get().getProjectRole() ) ); } else { return Optional.empty(); } }
@Override public GraphQLObjectType createType(GQLTypeCache cache) { return newObject() .name(AUTHORIZED_PROJECT) .field( newFieldDefinition() .name("role") .description("Role for the project") .type(new GraphQLNonNull(projectRole.getTypeRef())) .dataFetcher(fetcher(ProjectRoleAssociation.class, ProjectRoleAssociation::getProjectRole)) .build() ) .field( newFieldDefinition() .name("project") .description("Authorized project") .type(new GraphQLNonNull(new GraphQLTypeReference(GQLTypeProject.PROJECT))) .dataFetcher(fetcher( ProjectRoleAssociation.class, pra -> structureService.getProject(ID.of(pra.getProjectId())) )) .build() ) .build(); }