/**
 * Resolves the identifier under which permissions for {@code resource} are stored.
 *
 * <p>A {@code String} resource is its own identifier. Any other resource is delegated to the
 * handler returned by {@code getHandlerForResource}.
 *
 * @param resource the protected resource
 * @return the identifier, or {@code null} when no handler is found for the resource
 */
public Serializable getIdentifier(Object resource) {
    if (!(resource instanceof String)) {
        PermissionHandler resolved = getHandlerForResource(resource);
        if (resolved == null) {
            // Unlike getResourceClass, a missing handler is reported as null rather than an
            // exception. Callers that chain .toString() on the result must handle this.
            return null;
        }
        return resolved.getIdentifier(resource);
    }
    return (String) resource;
}
/**
 * Deletes every stored permission entity that refers to {@code resource}, for all assignees.
 *
 * <p>Rows are matched on resource class name and on the string form of the resource identifier,
 * both obtained from the context's permission handler policy.
 *
 * @param ctx the identity context supplying the entity manager and the handler policy
 * @param resource the resource whose permissions are being revoked
 */
@Override
public void revokeAllPermissions(IdentityContext ctx, Object resource) {
    EntityManager entityManager = getEntityManager(ctx);

    // NOTE(review): the mapper is selected from resource.getClass(), while the class predicate
    // below uses the policy's getResourceClass(resource). If a handler unwraps the resource to a
    // different class the two may disagree and rows could be missed. Confirm against
    // getPermissionMapperForResource.
    EntityMapper permissionMapper = getPermissionMapperForResource(resource.getClass());

    Property classColumn = permissionMapper.getProperty(PermissionResourceClass.class).getValue();
    Property identifierColumn = permissionMapper.getProperty(PermissionResourceIdentifier.class).getValue();

    CriteriaBuilder builder = entityManager.getCriteriaBuilder();
    CriteriaQuery query = builder.createQuery(permissionMapper.getEntityType());
    Root root = query.from(permissionMapper.getEntityType());

    // Match on the resource class name first, then on the resource identifier. The identifier
    // lookup is dereferenced directly, so a null identifier surfaces as a NullPointerException.
    Predicate classMatches = builder.equal(root.get(classColumn.getName()),
            ctx.getPermissionHandlerPolicy().getResourceClass(resource).getName());
    Predicate identifierMatches = builder.equal(root.get(identifierColumn.getName()),
            ctx.getPermissionHandlerPolicy().getIdentifier(resource).toString());

    query.where(new Predicate[] {classMatches, identifierMatches});

    // Load the matching entities and remove them one by one through the entity manager.
    List matches = entityManager.createQuery(query).getResultList();
    for (Object match : matches) {
        entityManager.remove(match);
    }
}
// Keep the attribute-management configuration passed in as attributeCfg.
this.attributeManagementConfig = attributeCfg;
// Create a new handler policy and register the supplied handler on it.
// NOTE(review): the policy is constructed with a null argument. This excerpt does not show what
// that parameter configures, so confirm that null is an intended value.
this.permissionHandlerPolicy = new PermissionHandlerPolicy(null);
this.permissionHandlerPolicy.registerHandler(handler);
// Keep the attribute-management configuration passed in as attributeCfg.
this.attributeManagementConfig = attributeCfg;
// Create a new handler policy and register the supplied handler on it.
// NOTE(review): the policy is constructed with a null argument. This excerpt does not show what
// that parameter configures, so confirm that null is an intended value.
this.permissionHandlerPolicy = new PermissionHandlerPolicy(null);
this.permissionHandlerPolicy.registerHandler(handler);
/**
 * Deletes every stored permission entity that refers to {@code resource}, for all assignees.
 *
 * <p>Rows are matched on resource class name and on the string form of the resource identifier,
 * both obtained from the context's permission handler policy.
 *
 * @param ctx the identity context supplying the entity manager and the handler policy
 * @param resource the resource whose permissions are being revoked
 */
@Override
public void revokeAllPermissions(IdentityContext ctx, Object resource) {
    EntityManager entityManager = getEntityManager(ctx);

    // NOTE(review): the mapper is selected from resource.getClass(), while the class predicate
    // below uses the policy's getResourceClass(resource). If a handler unwraps the resource to a
    // different class the two may disagree and rows could be missed. Confirm against
    // getPermissionMapperForResource.
    EntityMapper permissionMapper = getPermissionMapperForResource(resource.getClass());

    Property classColumn = permissionMapper.getProperty(PermissionResourceClass.class).getValue();
    Property identifierColumn = permissionMapper.getProperty(PermissionResourceIdentifier.class).getValue();

    CriteriaBuilder builder = entityManager.getCriteriaBuilder();
    CriteriaQuery query = builder.createQuery(permissionMapper.getEntityType());
    Root root = query.from(permissionMapper.getEntityType());

    // Match on the resource class name first, then on the resource identifier. The identifier
    // lookup is dereferenced directly, so a null identifier surfaces as a NullPointerException.
    Predicate classMatches = builder.equal(root.get(classColumn.getName()),
            ctx.getPermissionHandlerPolicy().getResourceClass(resource).getName());
    Predicate identifierMatches = builder.equal(root.get(identifierColumn.getName()),
            ctx.getPermissionHandlerPolicy().getIdentifier(resource).toString());

    query.where(new Predicate[] {classMatches, identifierMatches});

    // Load the matching entities and remove them one by one through the entity manager.
    List matches = entityManager.createQuery(query).getResultList();
    for (Object match : matches) {
        entityManager.remove(match);
    }
}
/**
 * Resolves the identifier under which permissions for {@code resource} are stored.
 *
 * <p>A {@code String} resource is its own identifier. Any other resource is delegated to the
 * handler returned by {@code getHandlerForResource}.
 *
 * @param resource the protected resource
 * @return the identifier, or {@code null} when no handler is found for the resource
 */
public Serializable getIdentifier(Object resource) {
    if (!(resource instanceof String)) {
        PermissionHandler resolved = getHandlerForResource(resource);
        if (resolved == null) {
            // Unlike getResourceClass, a missing handler is reported as null rather than an
            // exception. Callers that chain .toString() on the result must handle this.
            return null;
        }
        return resolved.getIdentifier(resource);
    }
    return (String) resource;
}
/**
 * Removes, for every assignee in the context's partition, each file-backed permission that
 * refers to {@code resource}, then flushes the partition's permissions to the file data source.
 *
 * @param context the identity context supplying the partition and the handler policy
 * @param resource the resource whose permissions are being revoked
 */
@Override
public void revokeAllPermissions(IdentityContext context, Object resource) {
    Partition owner = context.getPartition();
    FilePartition store = resolve(owner.getClass(), owner.getName());
    Collection<List<FilePermission>> perAssignee = store.getPermissions().values();

    // Resolved before the null check below, so an unhandled resource type fails up front.
    Class targetClass = context.getPermissionHandlerPolicy().getResourceClass(resource);
    Serializable targetIdentifier = context.getPermissionHandlerPolicy().getIdentifier(resource);

    if (perAssignee == null) {
        // Nothing to revoke, and nothing is flushed in this case.
        return;
    }

    for (List<FilePermission> granted : perAssignee) {
        // Iterate over a snapshot so entries can be removed from the live list.
        List<FilePermission> snapshot = new ArrayList<FilePermission>(granted);

        for (FilePermission candidate : snapshot) {
            Permission entry = candidate.getEntry();

            // The operation argument is null here, presumably to match regardless of
            // operation. Verify against hasAttributes.
            if (hasAttributes(entry, targetClass, targetIdentifier, null)) {
                granted.remove(candidate);
            }
        }
    }

    this.fileDataSource.flushPermissions(store);
}
/**
 * Resolves the class under which permissions for {@code resource} are stored.
 *
 * <p>A {@code String} resource maps to {@code String.class}. Any other resource is unwrapped
 * by the handler returned from {@code getHandlerForResource}.
 *
 * @param resource the protected resource
 * @return the resource class reported by the handler, or {@code String.class} for strings
 * @throws IdentityManagementException if no handler is registered for the resource
 */
public Class<?> getResourceClass(Object resource) {
    if (resource instanceof String) {
        return String.class;
    }

    PermissionHandler resolved = getHandlerForResource(resource);
    if (resolved != null) {
        return resolved.unwrapResourceClass(resource);
    }

    // Fail closed: a resource with no handler is rejected rather than mapped to a default.
    // The message embeds resource.toString(), so it carries whatever that method exposes.
    throw new IdentityManagementException(String.format(
            "No permission handler registered for resource [%s]", resource.toString()));
}
/**
 * Removes, for every assignee in the context's partition, each file-backed permission that
 * refers to {@code resource}, then flushes the partition's permissions to the file data source.
 *
 * @param context the identity context supplying the partition and the handler policy
 * @param resource the resource whose permissions are being revoked
 */
@Override
public void revokeAllPermissions(IdentityContext context, Object resource) {
    Partition owner = context.getPartition();
    FilePartition store = resolve(owner.getClass(), owner.getName());
    Collection<List<FilePermission>> perAssignee = store.getPermissions().values();

    // Resolved before the null check below, so an unhandled resource type fails up front.
    Class targetClass = context.getPermissionHandlerPolicy().getResourceClass(resource);
    Serializable targetIdentifier = context.getPermissionHandlerPolicy().getIdentifier(resource);

    if (perAssignee == null) {
        // Nothing to revoke, and nothing is flushed in this case.
        return;
    }

    for (List<FilePermission> granted : perAssignee) {
        // Iterate over a snapshot so entries can be removed from the live list.
        List<FilePermission> snapshot = new ArrayList<FilePermission>(granted);

        for (FilePermission candidate : snapshot) {
            Permission entry = candidate.getEntry();

            // The operation argument is null here, presumably to match regardless of
            // operation. Verify against hasAttributes.
            if (hasAttributes(entry, targetClass, targetIdentifier, null)) {
                granted.remove(candidate);
            }
        }
    }

    this.fileDataSource.flushPermissions(store);
}
/**
 * Resolves the class under which permissions for {@code resource} are stored.
 *
 * <p>A {@code String} resource maps to {@code String.class}. Any other resource is unwrapped
 * by the handler returned from {@code getHandlerForResource}.
 *
 * @param resource the protected resource
 * @return the resource class reported by the handler, or {@code String.class} for strings
 * @throws IdentityManagementException if no handler is registered for the resource
 */
public Class<?> getResourceClass(Object resource) {
    if (resource instanceof String) {
        return String.class;
    }

    PermissionHandler resolved = getHandlerForResource(resource);
    if (resolved != null) {
        return resolved.unwrapResourceClass(resource);
    }

    // Fail closed: a resource with no handler is rejected rather than mapped to a default.
    // The message embeds resource.toString(), so it carries whatever that method exposes.
    throw new IdentityManagementException(String.format(
            "No permission handler registered for resource [%s]", resource.toString()));
}
/**
 * Removes {@code operation} from the permission entity held by {@code assignee} on
 * {@code resource}. The entity is deleted once it has no operations left.
 *
 * @param context the identity context supplying the entity manager and the handler policy
 * @param assignee the identity whose permission is being revoked
 * @param resource the protected resource
 * @param operation the operation to remove
 * @return {@code true} if a matching entity was found and updated or removed, else {@code false}
 */
@Override
public boolean revokePermission(IdentityContext context, IdentityType assignee, Object resource, String operation) {
    EntityManager entityManager = getEntityManager(context);
    List<EntityMapper> candidates = new ArrayList<EntityMapper>();

    Class<?> targetClass = context.getPermissionHandlerPolicy().getResourceClass(resource);
    Serializable targetIdentifier = context.getPermissionHandlerPolicy().getIdentifier(resource);

    // With a known resource class only its mapper is consulted, otherwise every mapper is tried.
    if (targetClass == null) {
        candidates.addAll(getPermissionMappers());
    } else {
        candidates.add(getPermissionMapperForResource(targetClass));
    }

    for (EntityMapper candidate : candidates) {
        Object stored = lookupPermissionEntity(context, candidate, assignee, targetClass, targetIdentifier);
        if (stored == null) {
            // No entity under this mapper, so there is nothing to revoke here.
            continue;
        }

        PermissionOperationSet remaining = new PermissionOperationSet(stored, targetClass, candidate);
        remaining.removeOperation(operation);

        // Drop the entity when its last operation is gone, otherwise persist the reduced set.
        if (remaining.getOperations().isEmpty()) {
            entityManager.remove(stored);
        } else {
            entityManager.merge(stored);
        }

        // Only the first matching entity is processed.
        return true;
    }

    return false;
}
/**
 * Removes {@code operation} from the permission entity held by {@code assignee} on
 * {@code resource}. The entity is deleted once it has no operations left.
 *
 * @param context the identity context supplying the entity manager and the handler policy
 * @param assignee the identity whose permission is being revoked
 * @param resource the protected resource
 * @param operation the operation to remove
 * @return {@code true} if a matching entity was found and updated or removed, else {@code false}
 */
@Override
public boolean revokePermission(IdentityContext context, IdentityType assignee, Object resource, String operation) {
    EntityManager entityManager = getEntityManager(context);
    List<EntityMapper> candidates = new ArrayList<EntityMapper>();

    Class<?> targetClass = context.getPermissionHandlerPolicy().getResourceClass(resource);
    Serializable targetIdentifier = context.getPermissionHandlerPolicy().getIdentifier(resource);

    // With a known resource class only its mapper is consulted, otherwise every mapper is tried.
    if (targetClass == null) {
        candidates.addAll(getPermissionMappers());
    } else {
        candidates.add(getPermissionMapperForResource(targetClass));
    }

    for (EntityMapper candidate : candidates) {
        Object stored = lookupPermissionEntity(context, candidate, assignee, targetClass, targetIdentifier);
        if (stored == null) {
            // No entity under this mapper, so there is nothing to revoke here.
            continue;
        }

        PermissionOperationSet remaining = new PermissionOperationSet(stored, targetClass, candidate);
        remaining.removeOperation(operation);

        // Drop the entity when its last operation is gone, otherwise persist the reduced set.
        if (remaining.getOperations().isEmpty()) {
            entityManager.remove(stored);
        } else {
            entityManager.merge(stored);
        }

        // Only the first matching entity is processed.
        return true;
    }

    return false;
}
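/**
 * Revokes {@code operation} on {@code resource} from {@code assignee} in the file-backed store.
 *
 * <p>Each matching permission entry is removed. When a non-null {@code operation} leaves other
 * operations on the entry, the remainder is granted again through {@code grantPermission}.
 *
 * <p>A revocation is now flushed to the file data source and reported as {@code true}.
 * Previously the method always returned {@code false}, and a removal that left no operations
 * was never flushed here, so the on-disk state could still hold the revoked permission.
 *
 * @param context the identity context supplying the handler policy
 * @param assignee the identity whose permission is being revoked
 * @param resource the protected resource
 * @param operation the operation to remove; {@code null} is passed by {@code grantPermission}
 *     before it re-grants a merged operation set
 * @return {@code true} if at least one matching permission entry was removed, else {@code false}
 */
@Override
public boolean revokePermission(IdentityContext context, IdentityType assignee, Object resource, String operation) {
    Partition partition = assignee.getPartition();
    FilePartition filePartition = resolve(partition.getClass(), partition.getName());
    List<FilePermission> permissions = filePartition.getPermissions().get(assignee.getId());

    Class resourceClass = context.getPermissionHandlerPolicy().getResourceClass(resource);
    Serializable resourceIdentifier = context.getPermissionHandlerPolicy().getIdentifier(resource);

    if (permissions == null) {
        // The assignee holds no permissions in this partition.
        return false;
    }

    boolean revoked = false;

    // Iterate over a snapshot: entries are removed from (and possibly re-added to) the live list.
    for (FilePermission filePermission : new ArrayList<FilePermission>(permissions)) {
        Permission permission = filePermission.getEntry();

        if (hasAttributes(permission, resourceClass, resourceIdentifier, operation)) {
            String newOperations = PermissionUtil.removeOperation(permission.getOperation(), operation);

            permissions.remove(filePermission);
            revoked = true;

            // Re-grant whatever operations remain after removing the requested one.
            if (operation != null && !isNullOrEmpty(newOperations)) {
                grantPermission(context, assignee, resource, newOperations);
            }
        }
    }

    if (revoked) {
        // Persist the removal so a revoked permission does not survive in the stored data.
        this.fileDataSource.flushPermissions(filePartition);
    }

    return revoked;
}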
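/**
 * Revokes {@code operation} on {@code resource} from {@code assignee} in the file-backed store.
 *
 * <p>Each matching permission entry is removed. When a non-null {@code operation} leaves other
 * operations on the entry, the remainder is granted again through {@code grantPermission}.
 *
 * <p>A revocation is now flushed to the file data source and reported as {@code true}.
 * Previously the method always returned {@code false}, and a removal that left no operations
 * was never flushed here, so the on-disk state could still hold the revoked permission.
 *
 * @param context the identity context supplying the handler policy
 * @param assignee the identity whose permission is being revoked
 * @param resource the protected resource
 * @param operation the operation to remove; {@code null} is passed by {@code grantPermission}
 *     before it re-grants a merged operation set
 * @return {@code true} if at least one matching permission entry was removed, else {@code false}
 */
@Override
public boolean revokePermission(IdentityContext context, IdentityType assignee, Object resource, String operation) {
    Partition partition = assignee.getPartition();
    FilePartition filePartition = resolve(partition.getClass(), partition.getName());
    List<FilePermission> permissions = filePartition.getPermissions().get(assignee.getId());

    Class resourceClass = context.getPermissionHandlerPolicy().getResourceClass(resource);
    Serializable resourceIdentifier = context.getPermissionHandlerPolicy().getIdentifier(resource);

    if (permissions == null) {
        // The assignee holds no permissions in this partition.
        return false;
    }

    boolean revoked = false;

    // Iterate over a snapshot: entries are removed from (and possibly re-added to) the live list.
    for (FilePermission filePermission : new ArrayList<FilePermission>(permissions)) {
        Permission permission = filePermission.getEntry();

        if (hasAttributes(permission, resourceClass, resourceIdentifier, operation)) {
            String newOperations = PermissionUtil.removeOperation(permission.getOperation(), operation);

            permissions.remove(filePermission);
            revoked = true;

            // Re-grant whatever operations remain after removing the requested one.
            if (operation != null && !isNullOrEmpty(newOperations)) {
                grantPermission(context, assignee, resource, newOperations);
            }
        }
    }

    if (revoked) {
        // Persist the removal so a revoked permission does not survive in the stored data.
        this.fileDataSource.flushPermissions(filePartition);
    }

    return revoked;
}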
/**
 * Grants {@code operation} on {@code resource} to {@code assignee} in the file-backed store.
 *
 * <p>If the assignee has no permission on the resource yet, a new entry is added. Otherwise the
 * existing entry is revoked and granted again with the requested operation added to its
 * operations. The partition's permissions are flushed before returning.
 *
 * @param context the identity context supplying the handler policy
 * @param assignee the identity receiving the permission
 * @param resource the protected resource
 * @param operation the operation to grant
 * @return always {@code true}
 */
@Override
public boolean grantPermission(IdentityContext context, IdentityType assignee, Object resource, String operation) {
    Partition owner = assignee.getPartition();
    FilePartition store = resolve(owner.getClass(), owner.getName());

    Class targetClass = context.getPermissionHandlerPolicy().getResourceClass(resource);
    Serializable targetIdentifier = context.getPermissionHandlerPolicy().getIdentifier(resource);

    List<Permission> current = listPermissions(context, new IdentityPermission(resource, assignee, null));

    if (!current.isEmpty()) {
        // Merge path: remember the first existing entry, revoke what is stored, then grant
        // again with the requested operation added to the remembered operations.
        Permission previous = current.get(0);

        revokePermission(context, assignee, resource, null);

        String merged = PermissionUtil.addOperation(previous.getOperation(), operation);
        grantPermission(context, assignee, resource, merged);
    } else {
        // First grant for this assignee and resource. Create the assignee's list on demand.
        List<FilePermission> granted = store.getPermissions().get(assignee.getId());
        if (granted == null) {
            granted = new ArrayList<FilePermission>();
            store.getPermissions().put(assignee.getId(), granted);
        }

        // The identifier is dereferenced here, so a null identifier surfaces as a
        // NullPointerException.
        IdentityPermission entry =
                new IdentityPermission(targetClass, targetIdentifier.toString(), assignee, operation);
        granted.add(new FilePermission(assignee, entry));
    }

    this.fileDataSource.flushPermissions(store);
    return true;
}
/**
 * Grants {@code operation} on {@code resource} to {@code assignee} in the file-backed store.
 *
 * <p>If the assignee has no permission on the resource yet, a new entry is added. Otherwise the
 * existing entry is revoked and granted again with the requested operation added to its
 * operations. The partition's permissions are flushed before returning.
 *
 * @param context the identity context supplying the handler policy
 * @param assignee the identity receiving the permission
 * @param resource the protected resource
 * @param operation the operation to grant
 * @return always {@code true}
 */
@Override
public boolean grantPermission(IdentityContext context, IdentityType assignee, Object resource, String operation) {
    Partition owner = assignee.getPartition();
    FilePartition store = resolve(owner.getClass(), owner.getName());

    Class targetClass = context.getPermissionHandlerPolicy().getResourceClass(resource);
    Serializable targetIdentifier = context.getPermissionHandlerPolicy().getIdentifier(resource);

    List<Permission> current = listPermissions(context, new IdentityPermission(resource, assignee, null));

    if (!current.isEmpty()) {
        // Merge path: remember the first existing entry, revoke what is stored, then grant
        // again with the requested operation added to the remembered operations.
        Permission previous = current.get(0);

        revokePermission(context, assignee, resource, null);

        String merged = PermissionUtil.addOperation(previous.getOperation(), operation);
        grantPermission(context, assignee, resource, merged);
    } else {
        // First grant for this assignee and resource. Create the assignee's list on demand.
        List<FilePermission> granted = store.getPermissions().get(assignee.getId());
        if (granted == null) {
            granted = new ArrayList<FilePermission>();
            store.getPermissions().put(assignee.getId(), granted);
        }

        // The identifier is dereferenced here, so a null identifier surfaces as a
        // NullPointerException.
        IdentityPermission entry =
                new IdentityPermission(targetClass, targetIdentifier.toString(), assignee, operation);
        granted.add(new FilePermission(assignee, entry));
    }

    this.fileDataSource.flushPermissions(store);
    return true;
}
@Override public boolean grantPermission(IdentityContext context, IdentityType assignee, Object resource, String operation) { EntityManager em = getEntityManager(context); Class<?> resourceClass = context.getPermissionHandlerPolicy().getResourceClass(resource); Serializable resourceIdentifier = context.getPermissionHandlerPolicy().getIdentifier(resource); resourceClassProperty.setValue(entity, context.getPermissionHandlerPolicy().getResourceClass(resource).getName());
@Override public boolean grantPermission(IdentityContext context, IdentityType assignee, Object resource, String operation) { EntityManager em = getEntityManager(context); Class<?> resourceClass = context.getPermissionHandlerPolicy().getResourceClass(resource); Serializable resourceIdentifier = context.getPermissionHandlerPolicy().getIdentifier(resource); resourceClassProperty.setValue(entity, context.getPermissionHandlerPolicy().getResourceClass(resource).getName());
// Resolve the resource's class and identifier through the context's permission handler policy.
// NOTE(review): getResourceClass, as listed on this page, throws IdentityManagementException
// when no handler is registered, so the identifier lookup below runs only for String resources
// or resources with a handler. getIdentifier can still return whatever the handler returns,
// possibly null. Confirm how the enclosing method uses resourceIdentifier.
resourceClass = ctx.getPermissionHandlerPolicy().getResourceClass(resource);
resourceIdentifier = ctx.getPermissionHandlerPolicy().getIdentifier(resource);
// Resolve the resource's class and identifier through the context's permission handler policy.
// NOTE(review): getResourceClass, as listed on this page, throws IdentityManagementException
// when no handler is registered, so the identifier lookup below runs only for String resources
// or resources with a handler. getIdentifier can still return whatever the handler returns,
// possibly null. Confirm how the enclosing method uses resourceIdentifier.
resourceClass = ctx.getPermissionHandlerPolicy().getResourceClass(resource);
resourceIdentifier = ctx.getPermissionHandlerPolicy().getIdentifier(resource);