// Maps a resource to its AccessPolicy. Every policy produced here carries the same action,
// users and groups, all captured from the enclosing scope; only the resource and the
// identifier seed (resource + access.getType()) vary per call.
// NOTE(review): the seed is a plain concatenation with no separator. Confirm that two different
// (resource, type) pairs can never produce the same seed, since the identifier is generated from it.
final Function<String, AccessPolicy> createPolicy = resource -> {
    final AccessPolicy.Builder seededBuilder = new AccessPolicy.Builder()
            .identifierGenerateFromSeed(resource + access.getType())
            .resource(resource);
    return seededBuilder
            .action(action)
            .addUsers(userIds)
            .addGroups(groupIds)
            .build();
};
/**
 * Builds an {@link AccessPolicy} from one policy XML element.
 *
 * <p>The identifier, resource and action are read from attributes of {@code element}; users and
 * groups are read from the {@code IDENTIFIER_ATTR} attribute of every descendant element matched
 * by {@code POLICY_USER_ELEMENT} and {@code POLICY_GROUP_ELEMENT}.
 *
 * <p>NOTE(review): {@code Element.getAttribute} returns an empty string for a missing attribute,
 * so an absent identifier is handed to the builder as {@code ""}. Whether the builder rejects
 * that is not visible here; confirm the file is schema-validated before this method runs.
 *
 * @param element the policy element to read
 * @return the policy described by the element
 * @throws IllegalStateException if the action attribute is neither READ nor WRITE
 */
private AccessPolicy parsePolicy(final Element element) {
    final AccessPolicy.Builder policyBuilder = new AccessPolicy.Builder()
            .identifier(element.getAttribute(IDENTIFIER_ATTR))
            .resource(element.getAttribute(RESOURCE_ATTR));

    // Fail closed: only the exact enum names are accepted, and anything else aborts parsing
    // instead of falling back to a default action.
    final String actionName = element.getAttribute(ACTIONS_ATTR);
    final RequestAction parsedAction;
    if (actionName.equals(RequestAction.READ.name())) {
        parsedAction = RequestAction.READ;
    } else if (actionName.equals(RequestAction.WRITE.name())) {
        parsedAction = RequestAction.WRITE;
    } else {
        throw new IllegalStateException("Unknown Policy Action: " + actionName);
    }
    policyBuilder.action(parsedAction);

    final NodeList userNodes = element.getElementsByTagName(POLICY_USER_ELEMENT);
    for (int userIdx = 0; userIdx < userNodes.getLength(); userIdx++) {
        final Element userNode = (Element) userNodes.item(userIdx);
        policyBuilder.addUser(userNode.getAttribute(IDENTIFIER_ATTR));
    }

    final NodeList groupNodes = element.getElementsByTagName(POLICY_GROUP_ELEMENT);
    for (int groupIdx = 0; groupIdx < groupNodes.getLength(); groupIdx++) {
        final Element groupNode = (Element) groupNodes.item(groupIdx);
        policyBuilder.addGroup(groupNode.getAttribute(IDENTIFIER_ATTR));
    }

    return policyBuilder.build();
}
// Factory for per-resource policies: the action, user ids and group ids come from the enclosing
// scope and are identical for every resource passed in.
// NOTE(review): the identifier seed is resource + access.getType() with no delimiter; verify
// that this cannot collide for distinct resource/type combinations.
final Function<String, AccessPolicy> createPolicy = resource -> {
    final AccessPolicy.Builder seededBuilder = new AccessPolicy.Builder()
            .identifierGenerateFromSeed(resource + access.getType())
            .resource(resource);
    return seededBuilder
            .action(action)
            .addUsers(userIds)
            .addGroups(groupIds)
            .build();
};
// Excerpt: creates a policy that grants a single group access to `resource`, with an identifier
// generated from `uuidSeed`, and appends its JAXB form to the in-memory authorizations.
final AccessPolicy.Builder builder = new AccessPolicy.Builder()
        .identifierGenerateFromSeed(uuidSeed)
        .resource(resource)
        .addGroup(groupIdentifier);
// The opening `if` of the action chain is not part of this excerpt; only its READ body is shown.
builder.action(RequestAction.READ);
} else if (action.equals(WRITE_CODE)) {
    builder.action(RequestAction.WRITE);
} else {
    // Fail closed: an unrecognised action code aborts instead of producing a policy.
    throw new IllegalStateException("Unknown Policy Action: " + action);
// (the closing brace of the chain is also missing from the excerpt)
final AccessPolicy accessPolicy = builder.build();
final Policy jaxbPolicy = createJAXBPolicy(accessPolicy);
// NOTE(review): this only mutates the `authorizations` object; persisting it is not shown here.
authorizations.getPolicies().getPolicy().add(jaxbPolicy);
// Excerpt: creates a policy that grants a single user access to `resource`, with an identifier
// generated from `uuidSeed`, and appends its JAXB form to the in-memory authorizations.
final AccessPolicy.Builder builder = new AccessPolicy.Builder()
        .identifierGenerateFromSeed(uuidSeed)
        .resource(resource)
        .addUser(userIdentifier);
// The opening `if` of the action chain is not part of this excerpt; only its READ body is shown.
builder.action(RequestAction.READ);
} else if (action.equals(WRITE_CODE)) {
    builder.action(RequestAction.WRITE);
} else {
    // Fail closed: an unrecognised action code aborts instead of producing a policy.
    throw new IllegalStateException("Unknown Policy Action: " + action);
// (the closing brace of the chain is also missing from the excerpt)
final AccessPolicy accessPolicy = builder.build();
final Policy jaxbPolicy = createJAXBPolicy(accessPolicy);
// NOTE(review): this only mutates the `authorizations` object; persisting it is not shown here.
authorizations.getPolicies().getPolicy().add(jaxbPolicy);
// Excerpt: rebuilds one policy from an explicit identifier and resource, then collects it in
// `allPolicies`.
final AccessPolicy.Builder builder = new AccessPolicy.Builder()
        .identifier(policyIdentifier)
        .resource(resourceIdentifier);
// NOTE(review): `user` and `group` are not declared in this excerpt; presumably each call sits
// inside surrounding code that is not shown. Confirm against the full source.
builder.addUser(user.getIdentifier());
builder.addGroup(group.getIdentifier());
// The opening `if` of the action chain is not part of this excerpt; only its READ body is shown.
builder.action(RequestAction.READ);
} else if (authorizationCode.equals(FileAccessPolicyProvider.WRITE_CODE)){
    builder.action(RequestAction.WRITE);
} else {
    // Fail closed: an unrecognised authorization code aborts instead of producing a policy.
    throw new IllegalStateException("Unknown Policy Action: " + authorizationCode);
// (the closing brace of the chain is also missing from the excerpt)
allPolicies.add(builder.build());
/**
 * Deletes a user and strips the user's identifier from the access policies that can be edited.
 *
 * <p>Cleanup is best effort. Policies for which {@code isConfigurable} returns false keep the
 * removed identifier. If the access policy provider is not a
 * {@link ConfigurableAccessPolicyProvider}, no policy is touched at all. The user is deleted
 * before any policy is rewritten, and there is no rollback: an exception from
 * {@code updateAccessPolicy} leaves the remaining policies still referencing the identifier.
 *
 * @param userId identifier of the user to delete
 * @return the user that was removed
 * @throws IllegalStateException if the user group provider is not configurable
 * @throws ResourceNotFoundException if the provider reports that no user was removed
 */
@Override
public User deleteUser(final String userId) {
    if (!(userGroupProvider instanceof ConfigurableUserGroupProvider)) {
        throw new IllegalStateException(MSG_NON_CONFIGURABLE_USERS);
    }

    final ConfigurableUserGroupProvider editableUsers = (ConfigurableUserGroupProvider) userGroupProvider;
    final User existingUser = getUser(userId);
    final User removedUser = editableUsers.deleteUser(existingUser);

    // a null result means the provider had nothing to remove
    if (removedUser == null) {
        throw new ResourceNotFoundException(String.format("Unable to find user with id '%s'.", userId));
    }

    // without an editable policy provider there is nothing more that can be cleaned up
    if (!(accessPolicyProvider instanceof ConfigurableAccessPolicyProvider)) {
        return removedUser;
    }

    final ConfigurableAccessPolicyProvider editablePolicies = (ConfigurableAccessPolicyProvider) accessPolicyProvider;
    for (final AccessPolicy policy : accessPolicyProvider.getAccessPolicies()) {
        final String removedId = removedUser.getIdentifier();

        // skip policies that do not mention the user, and check configurability up front so
        // updateAccessPolicy is never called on a policy it would reject
        final boolean referencesUser = policy.getUsers().contains(removedId);
        if (!referencesUser || !editablePolicies.isConfigurable(policy)) {
            continue;
        }

        final AccessPolicy withoutUser = new AccessPolicy.Builder(policy).removeUser(removedId).build();
        editablePolicies.updateAccessPolicy(withoutUser);
    }

    return removedUser;
}
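/**
 * Deletes a user group and strips the group's identifier from the access policies that can be
 * edited.
 *
 * <p>Cleanup is best effort. Policies for which {@code isConfigurable} returns false keep the
 * removed identifier. If the access policy provider is not a
 * {@link ConfigurableAccessPolicyProvider}, no policy is touched at all. The group is deleted
 * before any policy is rewritten, and there is no rollback: an exception from
 * {@code updateAccessPolicy} leaves the remaining policies still referencing the identifier.
 *
 * @param userGroupId identifier of the group to delete
 * @return the group that was removed
 * @throws IllegalStateException if the user group provider is not configurable
 * @throws ResourceNotFoundException if the provider reports that no group was removed
 */
@Override
public Group deleteUserGroup(final String userGroupId) {
    if (userGroupProvider instanceof ConfigurableUserGroupProvider) {
        final ConfigurableUserGroupProvider configurableUserGroupProvider = (ConfigurableUserGroupProvider) userGroupProvider;

        final Group group = getUserGroup(userGroupId);
        final Group removedGroup = configurableUserGroupProvider.deleteGroup(group);

        // ensure the user group was removed
        if (removedGroup == null) {
            // report the requested id: removedGroup is null on this path, so formatting it
            // would always print 'null' and hide which group the caller asked for
            throw new ResourceNotFoundException(String.format("Unable to find user group with id '%s'.", userGroupId));
        }

        // remove any references to the user group being deleted from policies if possible
        if (accessPolicyProvider instanceof ConfigurableAccessPolicyProvider) {
            // the cast does not depend on the policy, so do it once before iterating
            final ConfigurableAccessPolicyProvider configurableAccessPolicyProvider = (ConfigurableAccessPolicyProvider) accessPolicyProvider;

            for (AccessPolicy policy : accessPolicyProvider.getAccessPolicies()) {
                // ensure this policy contains a reference to the user group and this policy is
                // configurable (check proactively to prevent an exception)
                if (policy.getGroups().contains(removedGroup.getIdentifier()) && configurableAccessPolicyProvider.isConfigurable(policy)) {
                    final AccessPolicy.Builder builder = new AccessPolicy.Builder(policy).removeGroup(removedGroup.getIdentifier());
                    configurableAccessPolicyProvider.updateAccessPolicy(builder.build());
                }
            }
        }

        return removedGroup;
    } else {
        throw new IllegalStateException(MSG_NON_CONFIGURABLE_USERS);
    }
}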
/**
 * Reads a single policy element and turns it into an {@link AccessPolicy}.
 *
 * <p>Identifier, resource and action come from attributes on {@code element}. User and group
 * identifiers come from every descendant element named {@code POLICY_USER_ELEMENT} or
 * {@code POLICY_GROUP_ELEMENT}.
 *
 * <p>NOTE(review): attribute values are passed to the builder unchecked, and a missing attribute
 * reads as an empty string. Confirm that the input is validated upstream or that the builder
 * rejects blank identifiers.
 *
 * @param element the policy element to read
 * @return the parsed policy
 * @throws IllegalStateException if the action attribute is neither READ nor WRITE
 */
private AccessPolicy parsePolicy(final Element element) {
    final AccessPolicy.Builder result = new AccessPolicy.Builder()
            .identifier(element.getAttribute(IDENTIFIER_ATTR))
            .resource(element.getAttribute(RESOURCE_ATTR));

    final String rawAction = element.getAttribute(ACTIONS_ATTR);
    final boolean isRead = rawAction.equals(RequestAction.READ.name());
    final boolean isWrite = !isRead && rawAction.equals(RequestAction.WRITE.name());

    // reject anything that is not exactly READ or WRITE rather than guessing an action
    if (!isRead && !isWrite) {
        throw new IllegalStateException("Unknown Policy Action: " + rawAction);
    }
    result.action(isRead ? RequestAction.READ : RequestAction.WRITE);

    final NodeList userElements = element.getElementsByTagName(POLICY_USER_ELEMENT);
    int position = 0;
    while (position < userElements.getLength()) {
        final Element userElement = (Element) userElements.item(position);
        result.addUser(userElement.getAttribute(IDENTIFIER_ATTR));
        position++;
    }

    final NodeList groupElements = element.getElementsByTagName(POLICY_GROUP_ELEMENT);
    position = 0;
    while (position < groupElements.getLength()) {
        final Element groupElement = (Element) groupElements.item(position);
        result.addGroup(groupElement.getAttribute(IDENTIFIER_ATTR));
        position++;
    }

    return result.build();
}
/**
 * Assembles an {@link AccessPolicy} from explicit identifier/resource/action values plus the
 * tenants listed in a DTO.
 *
 * <p>Only the ids of the DTO's users and user groups are used. A {@code null} set is treated
 * as "no tenants of that kind", so the resulting policy may grant access to nobody.
 *
 * @param identifier identifier to give the policy
 * @param resource resource the policy applies to
 * @param action action the policy covers
 * @param accessPolicyDTO source of the user and user group ids
 * @return the assembled policy
 */
private AccessPolicy buildAccessPolicy(final String identifier, final String resource, final RequestAction action, final AccessPolicyDTO accessPolicyDTO) {
    final Set<TenantEntity> groupEntities = accessPolicyDTO.getUserGroups();
    final Set<TenantEntity> userEntities = accessPolicyDTO.getUsers();

    final AccessPolicy.Builder policyBuilder = new AccessPolicy.Builder()
            .identifier(identifier)
            .resource(resource);

    if (groupEntities != null) {
        final Set<String> groupIds = groupEntities.stream()
                .map(ComponentEntity::getId)
                .collect(Collectors.toSet());
        policyBuilder.addGroups(groupIds);
    }

    if (userEntities != null) {
        final Set<String> userIds = userEntities.stream()
                .map(ComponentEntity::getId)
                .collect(Collectors.toSet());
        policyBuilder.addUsers(userIds);
    }

    return policyBuilder.action(action).build();
}