public static SimpleEntity toEntity(GrantObject grantObject) { SimpleEntity entity = new SimpleEntity(); entity.addProperty(Constants.GRANT_OBJECT, grantObject.getObjectName()); for(Grant grant : grantObject.getGrants()) { EmbeddedEntity grantEntity = new EmbeddedEntity(); grantEntity.setProperty(Constants.GRANT_USER, grant.getGrantedUsername()); grantEntity.setProperty(Constants.GRANT_MODE, grant.getAccessMode().getMode()); entity.addEntity(Constants.GRANTS, grantEntity); } return entity; }
public static GrantObject fromEntity(Entity entity) { String grantObject = entity.getValue(Constants.GRANT_OBJECT).toString(); Map<String, Grant> userGrants = new ConcurrentHashMap<>(); Property grantsProperty = entity.getProperty(Constants.GRANTS); for(Value grantValue : grantsProperty.getValues()) { EntityValue entityValue = (EntityValue) grantValue; String grantUser = entityValue.toEntity().getValue(Constants.GRANT_USER).toString(); String grantMode = entityValue.toEntity().getValue(Constants.GRANT_MODE).toString(); userGrants.put(grantUser, new GrantMeta(grantUser, AccessMode.fromMode(grantMode))); } return new GrantObjectMeta(grantObject, userGrants); }
private boolean checkGrantHierarchy(String objectName, UserSession userSession, AccessMode objectMode) throws JasDBStorageException { String userName = userSession.getUser().getUsername(); LOG.debug("Checking grant hierarchy for: {} for user: {}", objectName, userName); //check root read access StringBuilder currentPath = new StringBuilder(); currentPath.append(Constants.OBJECT_SEPARATOR); AccessMode grantedMode = getGrantedMode(currentPath.toString(), userSession); LOG.debug("Root access mode: {} for user: {}", grantedMode, userName); grantedMode = grantedMode == null ? AccessMode.NONE : grantedMode; String[] pathElements = objectName.replaceFirst(Constants.OBJECT_SEPARATOR, "").split(Constants.OBJECT_SEPARATOR); for(String pathElement : pathElements) { currentPath.append(pathElement); AccessMode mode = getGrantedMode(currentPath.toString(), userSession); if(mode != null) { grantedMode = mode; if(mode == AccessMode.NONE) { break; } } currentPath.append(Constants.OBJECT_SEPARATOR); } LOG.debug("Grant level: {} for path: {}", grantedMode, currentPath.toString()); boolean granted = grantedMode != null ? grantedMode.getRank() >= objectMode.getRank() : false; return granted; }