/**
 * Builds the REST representation of a {@link SecurityRule}.
 *
 * <p>Only the id and name of the rule's user, and the id and group name of the rule's group,
 * are copied onto the REST objects; no other field of those entities is read here. The read
 * and write flags are copied unchanged.
 *
 * @param rule the rule to convert; it is dereferenced without a null check
 */
public RESTSecurityRule(SecurityRule rule) {
    User sourceUser = rule.getUser();
    if (sourceUser != null) {
        // Copy the two exposed attributes onto a fresh REST object.
        RESTUser restUser = new RESTUser();
        restUser.setId(sourceUser.getId());
        restUser.setName(sourceUser.getName());
        user = restUser;
    }

    UserGroup sourceGroup = rule.getGroup();
    if (sourceGroup != null) {
        RESTUserGroup restGroup = new RESTUserGroup();
        restGroup.setId(sourceGroup.getId());
        restGroup.setGroupName(sourceGroup.getGroupName());
        group = restGroup;
    }

    canRead = rule.isCanRead();
    canWrite = rule.isCanWrite();
}
// Build the rule for the resource identified by resourceId.
SecurityRule securityRule = new SecurityRule();
// Only the id is set on this Resource instance; nothing else is populated in this excerpt.
Resource resource = new Resource();
resource.setId(resourceId);
securityRule.setResource(resource);
securityRule.setUser(user);
// The group is referenced by id only, and that id is taken from the incoming rule.
// NOTE(review): rule.getGroup() is dereferenced without a null check in this excerpt;
// presumably guarded by surrounding code that is not shown - confirm.
UserGroup group = new UserGroup();
group.setId(rule.getGroup().getId());
securityRule.setGroup(group);
// The permission flags are copied unchanged from the incoming rule.
securityRule.setCanRead(rule.isCanRead());
securityRule.setCanWrite(rule.isCanWrite());
} else { for (SecurityRule rule : resource.getSecurity()) { User owner = rule.getUser(); UserGroup userGroup = rule.getGroup(); if (owner != null) { if (owner.getId().equals(authUser.getId())) { if (rule.isCanWrite()) { shortResource.setCanEdit(true); shortResource.setCanDelete(true); List<String> groups = extratcGroupNames(authUser.getGroups()); if (groups.contains(userGroup.getGroupName())) { if (rule.isCanWrite()) { shortResource.setCanEdit(true); shortResource.setCanDelete(true);
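/**
 * Replaces every security rule of a resource with the given rules.
 *
 * <p>All groups referenced by the new rules are resolved before any existing rule is removed.
 * A request that names an unknown group is therefore rejected while the resource still has
 * its previous rules, instead of after they have been deleted. The replacement itself is
 * still a sequence of separate DAO calls: a failure while persisting can leave a partial rule
 * set unless the caller runs this method inside a transaction (not visible here).
 *
 * <p>NOTE(review): no check of the caller's permission on the resource is visible in this
 * method; presumably it is enforced by the caller - confirm.
 *
 * @param id identifier of the resource whose rules are replaced
 * @param rules the new rules; each one is bound to the resource and persisted
 * @throws BadRequestServiceEx declared by the signature; not thrown by the code shown here
 * @throws InternalErrorServiceEx if a rule references a group id that cannot be found
 * @throws NotFoundServiceEx if no resource with the given id exists
 */
@Override
public void updateSecurityRules(long id, List<SecurityRule> rules)
        throws BadRequestServiceEx, InternalErrorServiceEx, NotFoundServiceEx {
    Resource resource = resourceDAO.find(id);
    if (resource == null) {
        throw new NotFoundServiceEx("Resource not found " + id);
    }

    // Resolve every referenced group first, so that a bad group id cannot leave the
    // resource with its old rules removed and only some of the new ones stored.
    for (SecurityRule rule : rules) {
        if (rule.getGroup() != null) {
            // Swap the group sent by the caller for the stored entity with the same id.
            UserGroup ug = userGroupDAO.find(rule.getGroup().getId());
            if (ug == null) {
                // Exception type kept as in the original so existing callers see no change.
                throw new InternalErrorServiceEx(
                        "The usergroup having the provided Id doesn't exist");
            }
            rule.setGroup(ug);
        }
    }

    Search searchCriteria = new Search();
    searchCriteria.addFilterEqual("resource.id", id);
    List<SecurityRule> resourceRules = this.securityDAO.search(searchCriteria);

    // Remove the previous rules.
    for (SecurityRule rule : resourceRules) {
        securityDAO.remove(rule);
    }

    // Insert the new rules, each bound to the resource loaded above.
    for (SecurityRule rule : rules) {
        rule.setResource(resource);
        securityDAO.persist(rule);
    }
}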
// Rule that gives authUser both read and write access; it is then added to securities.
SecurityRule userSecurityRule = new SecurityRule();
userSecurityRule.setCanRead(true);
userSecurityRule.setCanWrite(true);
userSecurityRule.setUser(authUser);
securities.add(userSecurityRule);
// Permissions are accumulated with OR: a flag already set on ret is never cleared by a
// later rule, so the result is the union of what the visited rules grant.
// NOTE(review): the same pair of statements appears twice in this excerpt; presumably one
// pair per loop in the enclosing method (not visible) - confirm.
ret.canRead |= rule.isCanRead();
ret.canWrite |= rule.isCanWrite();
ret.canRead |= rule.isCanRead();
ret.canWrite |= rule.isCanWrite();
if (sr.isCanWrite()){ return true; if (sr.isCanWrite()){ return true;
// Bind the rule to resource r, then store it through securityDAO.
rule.setResource(r);
securityDAO.persist(rule);
/**
 * Returns the security rules of a resource that are assigned to one of the given groups.
 *
 * <p>The query only restricts by resource id. The group restriction is applied afterwards,
 * in memory, by exact match of the rule's group name against {@code userGroups}. Rules
 * without a group are never returned.
 *
 * @param userGroups names of the groups whose rules are wanted
 * @param resourceId identifier of the resource
 * @return the matching rules; empty if none match
 */
@Override
public List<SecurityRule> findGroupSecurityRule(List<String> userGroups, long resourceId) {
    // Select the security rules reachable through resource.security for the requested id.
    Search query = new Search(StoredData.class);
    query.addField("resource.security");
    query.addFilter(
            Filter.some(
                    "resource.security",
                    Filter.equal("resource.security.resource.id", resourceId)));

    List<SecurityRule> candidates = super.search(query);

    // Workaround (see ResourceDAOImpl): filter by group here instead of in the query.
    List<SecurityRule> matching = new ArrayList<SecurityRule>();
    for (SecurityRule candidate : candidates) {
        if (candidate.getGroup() == null) {
            continue;
        }
        if (userGroups.contains(candidate.getGroup().getGroupName())) {
            matching.add(candidate);
        }
    }
    return matching;
}
if(sr == null){ SecurityRule newSR = new SecurityRule(); newSR.setCanRead(canRead); newSR.setCanWrite(canWrite); newSR.setGroup(group); newSR.setResource(resource); securityDAO.persist(newSR); resource.getSecurity().add(newSR); sr.setCanRead(canRead); sr.setCanWrite(canWrite); securityDAO.merge(sr);
/**
 * Returns the security rules of a resource that are assigned to one of the given groups.
 *
 * <p>The query only restricts by resource id. The group restriction is applied afterwards,
 * in memory, by exact match of the rule's group name against {@code groupNames}. Rules
 * without a group are never returned. The method is marked deprecated.
 *
 * @param groupNames names of the groups whose rules are wanted
 * @param resourceId identifier of the resource
 * @return the matching rules; empty if none match
 */
@Deprecated
@Override
public List<SecurityRule> findGroupSecurityRule(List<String> groupNames, long resourceId) {
    Search query = new Search(Resource.class);
    query.addField("security");

    // The original author reports that a combined in-query filter (resource id, group name
    // in groupNames, group not empty) did not work, so only the resource id is filtered here.
    query.addFilter(Filter.some("security", Filter.equal("resource.id", resourceId)));

    List<SecurityRule> candidates = super.search(query);

    // Workaround: apply the group restriction in memory.
    List<SecurityRule> matching = new ArrayList<SecurityRule>();
    for (SecurityRule candidate : candidates) {
        if (candidate.getGroup() == null) {
            continue;
        }
        if (groupNames.contains(candidate.getGroup().getGroupName())) {
            matching.add(candidate);
        }
    }
    return matching;
}