@Deprecated @Override public boolean allow(String iResource, int iCRUDOperation) { final String specificResource = ORule.mapLegacyResourceToSpecificResource(iResource); final ORule.ResourceGeneric resourceGeneric = ORule.mapLegacyResourceToGenericResource(iResource); if (specificResource == null || specificResource.equals("*")) return allow(resourceGeneric, null, iCRUDOperation); return allow(resourceGeneric, specificResource, iCRUDOperation); }
private void loadOldVersionOfRules(final Map<String, Number> storedRules) { if (storedRules != null) for (Entry<String, Number> a : storedRules.entrySet()) { ORule.ResourceGeneric resourceGeneric = ORule.mapLegacyResourceToGenericResource(a.getKey()); ORule rule = rules.get(resourceGeneric); if (rule == null) { rule = new ORule(resourceGeneric, null, null); rules.put(resourceGeneric, rule); } String specificResource = ORule.mapLegacyResourceToSpecificResource(a.getKey()); if (specificResource == null || specificResource.equals("*")) { rule.grantAccess(null, a.getValue().intValue()); } else { rule.grantAccess(specificResource, a.getValue().intValue()); } } }
public Boolean isAllowed(final String name, final int operation) { if (name == null) return allowed((byte) operation, access); if (specificResources.isEmpty()) return isAllowed(null, operation); final Byte ac = specificResources.get(name.toLowerCase(Locale.ENGLISH)); final Boolean allowed = allowed((byte) operation, ac); if (allowed == null) return isAllowed(null, operation); return allowed; }
@Deprecated public Map<String, Byte> getRules() { final Map<String, Byte> result = new HashMap<String, Byte>(); for (ORule rule : rules.values()) { String name = ORule.mapResourceGenericToLegacyResource(rule.getResourceGeneric()); if (rule.getAccess() != null) { result.put(name, rule.getAccess()); } for (Map.Entry<String, Byte> specificResource : rule.getSpecificResources().entrySet()) { result.put(name + "." + specificResource.getKey(), specificResource.getValue()); } } return result; }
public ORole addRule(final ORule.ResourceGeneric resourceGeneric, String resourceSpecific, final int iOperation) { ORule rule = rules.get(resourceGeneric); if (rule == null) { rule = new ORule(resourceGeneric, null, null); rules.put(resourceGeneric, rule); } rule.grantAccess(resourceSpecific, iOperation); rules.put(resourceGeneric, rule); updateRolesDocumentContent(); return this; }
@Override @Deprecated public <DB extends ODatabaseDocument> DB checkSecurity(final String iResourceGeneric, final int iOperation, final Object... iResourcesSpecific) { final ORule.ResourceGeneric resourceGeneric = ORule.mapLegacyResourceToGenericResource(iResourceGeneric); return checkSecurity(resourceGeneric, iOperation, iResourcesSpecific); }
/** * Revoke a permission to the resource. */ public ORole revoke(final ORule.ResourceGeneric resourceGeneric, String resourceSpecific, final int iOperation) { if (iOperation == PERMISSION_NONE) return this; ORule rule = rules.get(resourceGeneric); if (rule == null) { rule = new ORule(resourceGeneric, null, null); rules.put(resourceGeneric, rule); } rule.revokeAccess(resourceSpecific, iOperation); rules.put(resourceGeneric, rule); updateRolesDocumentContent(); return this; }
public boolean allow(final ORule.ResourceGeneric resourceGeneric, String resourceSpecific, final int iCRUDOperation) { final ORule rule = rules.get(resourceGeneric); if (rule != null) { final Boolean allowed = rule.isAllowed(resourceSpecific, iCRUDOperation); if (allowed != null) return allowed; } if (parentRole != null) // DELEGATE TO THE PARENT ROLE IF ANY return parentRole.allow(resourceGeneric, resourceSpecific, iCRUDOperation); return mode == ALLOW_MODES.ALLOW_ALL_BUT; }
public boolean hasRule(final ORule.ResourceGeneric resourceGeneric, String resourceSpecific) { ORule rule = rules.get(resourceGeneric); if (rule == null) return false; if (resourceSpecific != null && !rule.containsSpecificResource(resourceSpecific)) return false; return true; }
public OImmutableRole(ORole role) { if (role.getParentRole() == null) this.parentRole = null; else this.parentRole = new OImmutableRole(role.getParentRole()); this.mode = role.getMode(); this.name = role.getName(); this.rid = role.getIdentity().getIdentity(); this.role = role; for (ORule rule : role.getRuleSet()) rules.put(rule.getResourceGeneric(), rule); }
final Byte access = ruleDoc.field("access"); final ORule rule = new ORule(resourceGeneric, specificResources, access); rules.put(resourceGeneric, rule);
@Override @Deprecated public <DB extends ODatabaseDocument> DB checkSecurity(final String iResourceGeneric, final int iOperation, final Object iResourceSpecific) { final ORule.ResourceGeneric resourceGeneric = ORule.mapLegacyResourceToGenericResource(iResourceGeneric); if (iResourceSpecific == null || iResourceSpecific.equals("*")) return checkSecurity(resourceGeneric, iOperation, (Object) null); return checkSecurity(resourceGeneric, iOperation, iResourceSpecific); }
/** * Grant a permission to the resource. * * @return */ public ORole grant(final ORule.ResourceGeneric resourceGeneric, String resourceSpecific, final int iOperation) { ORule rule = rules.get(resourceGeneric); if (rule == null) { rule = new ORule(resourceGeneric, null, null); rules.put(resourceGeneric, rule); } rule.grantAccess(resourceSpecific, iOperation); rules.put(resourceGeneric, rule); updateRolesDocumentContent(); return this; }
public boolean allow(final ORule.ResourceGeneric resourceGeneric, final String resourceSpecific, final int iCRUDOperation) { final ORule rule = rules.get(resourceGeneric); if (rule != null) { final Boolean allowed = rule.isAllowed(resourceSpecific, iCRUDOperation); if (allowed != null) return allowed; } if (parentRole != null) // DELEGATE TO THE PARENT ROLE IF ANY return parentRole.allow(resourceGeneric, resourceSpecific, iCRUDOperation); return mode == ALLOW_MODES.ALLOW_ALL_BUT; }
public boolean hasRule(final ORule.ResourceGeneric resourceGeneric, String resourceSpecific) { ORule rule = rules.get(resourceGeneric); if (rule == null) return false; if (resourceSpecific != null && !rule.containsSpecificResource(resourceSpecific)) return false; return true; }
@Override @Deprecated public OSecurityRole allow(String iResource, int iOperation) { final String resourceSpecific = ORule.mapLegacyResourceToSpecificResource(iResource); final ORule.ResourceGeneric resourceGeneric = ORule.mapLegacyResourceToGenericResource(iResource); if (resourceSpecific == null || resourceSpecific.equals("*")) return allow(resourceGeneric, null, iOperation); return allow(resourceGeneric, resourceSpecific, iOperation); }
/** * Transform name to {@link ORule.ResourceGeneric} * @param name name to transform * @return {@link ORule.ResourceGeneric} or null */ public static ORule.ResourceGeneric getResourceGeneric(String name) { String shortName = Strings.beforeFirst(name, '.'); if(Strings.isEmpty(shortName)) shortName = name; ORule.ResourceGeneric value = ORule.ResourceGeneric.valueOf(shortName); if(value==null) value = ORule.mapLegacyResourceToGenericResource(name); return value; }
@Override @Deprecated public OSecurityRole checkIfAllowed(String iResource, int iOperation) { final String resourceSpecific = ORule.mapLegacyResourceToSpecificResource(iResource); final ORule.ResourceGeneric resourceGeneric = ORule.mapLegacyResourceToGenericResource(iResource); if (resourceSpecific == null || resourceSpecific.equals("*")) return checkIfAllowed(resourceGeneric, null, iOperation); return checkIfAllowed(resourceGeneric, resourceSpecific, iOperation); }
/** * Transform name to {@link ORule.ResourceGeneric} * @param name name to transform * @return {@link ORule.ResourceGeneric} or null */ public static ORule.ResourceGeneric getResourceGeneric(String name) { String shortName = Strings.beforeFirst(name, '.'); if(Strings.isEmpty(shortName)) shortName = name; ORule.ResourceGeneric value = ORule.ResourceGeneric.valueOf(shortName); if(value==null) value = ORule.mapLegacyResourceToGenericResource(name); return value; }