@Override public Optional<GlobalRole> getGlobalRoleForAccountGroup(AccountGroup group) { return roleRepository.findGlobalRoleByGroup(group.id()) .flatMap(rolesService::getGlobalRole); }
@Override public List<AccountGroupSelection> getAccountGroupsForSelection(ID accountId) { // Account groups or none Set<Integer> accountGroupIds = accountId.ifSet(accountGroupRepository::findByAccount) .orElse(Collections.emptyList()) .stream() .map(Entity::id) .collect(Collectors.toSet()); // Collection of groups with the selection return getAccountGroups().stream() .map(group -> AccountGroupSelection.of(group, accountGroupIds.contains(group.id()))) .collect(Collectors.toList()); }
@Override public Collection<ProjectRoleAssociation> getProjectPermissionsForAccountGroup(AccountGroup group) { return roleRepository.findProjectRoleAssociationsByGroup( group.id(), rolesService::getProjectRoleAssociation ) .stream() // Filter by authorisation .filter(projectRoleAssociation -> securityService.isProjectFunctionGranted( projectRoleAssociation.getProjectId(), ProjectAuthorisationMgt.class )) // OK .collect(Collectors.toList()); }
private Optional<GlobalPermission> getGroupGlobalPermission(AccountGroup group) { Optional<String> roleId = roleRepository.findGlobalRoleByGroup(group.id()); if (roleId.isPresent()) { Optional<GlobalRole> globalRole = rolesService.getGlobalRole(roleId.get()); if (globalRole.isPresent()) { return Optional.of( new GlobalPermission( group.asPermissionTarget(), globalRole.get() ) ); } } return Optional.empty(); }
public static AccountGroupSelection of(AccountGroup group, boolean selected) { return new AccountGroupSelection(group.id(), group.getName(), selected); }
protected AccountGroup groupWithACL(AccountGroup group) { return group // Global role .withGlobalRole( roleRepository.findGlobalRoleByGroup(group.id()).flatMap(rolesService::getGlobalRole) ) // Project roles .withProjectRoles( roleRepository.findProjectRoleAssociationsByGroup(group.id(), rolesService::getProjectRoleAssociation) ) // OK .lock(); } }
@Override public List<AccountGroupMapping> getMappingsForGroup(AccountGroup group) { return getNamedParameterJdbcTemplate().query( "SELECT * FROM ACCOUNT_GROUP_MAPPING WHERE GROUPID = :groupId", params("groupId", group.id()), this::toAccountGroupMapping ); }
public PermissionTarget asPermissionTarget() { return new PermissionTarget( PermissionTargetType.GROUP, id(), getName(), getDescription() ); } }
private Optional<ProjectPermission> getGroupProjectPermission(ID projectId, AccountGroup accountGroup) { Optional<ProjectRoleAssociation> roleAssociationOptional = roleRepository.findProjectRoleAssociationsByGroup( accountGroup.id(), projectId.getValue(), rolesService::getProjectRoleAssociation ); if (roleAssociationOptional.isPresent()) { return Optional.of( new ProjectPermission( projectId, accountGroup.asPermissionTarget(), roleAssociationOptional.get().getProjectRole() ) ); } else { return Optional.empty(); } }
@Override public List<Account> getAccountsForGroup(AccountGroup accountGroup, Function<String, AuthenticationSource> authenticationSourceFunction) { return getNamedParameterJdbcTemplate().query( "SELECT A.* FROM ACCOUNTS A " + "INNER JOIN ACCOUNT_GROUP_LINK L ON L.ACCOUNT = A.ID " + "WHERE L.ACCOUNTGROUP = :accountGroupId " + "ORDER BY A.NAME ASC", params("accountGroupId", accountGroup.id()), (rs, num) -> toAccount( rs, authenticationSourceFunction ) ); } }
protected AccountGroup doCreateAccountGroupWithGlobalRole(String role) throws Exception { AccountGroup group = doCreateAccountGroup(); return asUser().with(AccountGroupManagement.class).call(() -> { accountService.saveGlobalPermission( PermissionTargetType.GROUP, group.id(), new PermissionInput(role) ); return group; }); }
@Override public void update(AccountGroup group) { try { getNamedParameterJdbcTemplate().update( "UPDATE ACCOUNT_GROUPS SET NAME = :name, DESCRIPTION = :description " + "WHERE ID = :id", params("name", group.getName()) .addValue("description", group.getDescription()) .addValue("id", group.id()) ); } catch (DuplicateKeyException ex) { throw new AccountGroupNameAlreadyDefinedException(group.getName()); } }