public void validateResourceCompatibility(AuthorizationEntity authorization) { int resourceType = authorization.getResourceType(); Set<Permission> permissionSet = authorization.getCachedPermissions(); for (Permission permission : permissionSet) { if (!ResourceTypeUtil.resourceIsContainedInArray(resourceType, permission.getTypes())) { throw LOG.invalidResourceForAuthorization(resourceType, permission.getName()); } } }
public AuthorizationQuery hasPermission(Permission p) { queryByPermission = true; if (resourcesIntersection.size() == 0) { resourcesIntersection.addAll(Arrays.asList(p.getTypes())); } else { resourcesIntersection.retainAll(new HashSet<Resource>(Arrays.asList(p.getTypes()))); } this.permission |= p.getValue(); return this; }
public static String[] getNamesForPermissions(Authorization authorization, Permission[] permissions) { int type = authorization.getAuthorizationType(); // special case all permissions are granted if ((type == Authorization.AUTH_TYPE_GLOBAL || type == Authorization.AUTH_TYPE_GRANT) && authorization.isEveryPermissionGranted()) { return new String[] { Permissions.ALL.getName() }; } // special case all permissions are revoked if (type == Authorization.AUTH_TYPE_REVOKE && authorization.isEveryPermissionRevoked()) { return new String[] { Permissions.ALL.getName() }; } List<String> names = new ArrayList<String>(); for (Permission permission : permissions) { String name = permission.getName(); // filter NONE and ALL from permissions array if (!name.equals(Permissions.NONE.getName()) && !name.equals(Permissions.ALL.getName())) { names.add(name); } } return names.toArray(new String[names.size()]); }
public void setPermission(Permission permission) { this.permission = permission; if (permission != null) { perms = permission.getValue(); } }
protected static MissingAuthorization asMissingAuthorization(Authorization authorization) { String permissionName = null; String resourceId = null; String resourceName = null; Permission[] permissions = AuthorizationTestUtil.getPermissions(authorization); for (Permission permission : permissions) { if (permission.getValue() != Permissions.NONE.getValue()) { permissionName = permission.getName(); break; } } if (!Authorization.ANY.equals(authorization.getResourceId())) { // missing ANY authorizations are not explicitly represented in the error message resourceId = authorization.getResourceId(); } Resource resource = AuthorizationTestUtil.getResourceByType(authorization.getResourceType()); resourceName = resource.resourceName(); return new MissingAuthorization(permissionName, resourceName, resourceId); }
protected boolean isResourceValidForPermission(PermissionCheck permissionCheck) { Resource[] permissionResources = permissionCheck.getPermission().getTypes(); Resource givenResource = permissionCheck.getResource(); return ResourceTypeUtil.resourceIsContainedInArray(givenResource.resourceType(), permissionResources); }
public static String[] getNamesForPermissions(Authorization authorization, Permission[] permissions) { int type = authorization.getAuthorizationType(); // special case all permissions are granted if ((type == Authorization.AUTH_TYPE_GLOBAL || type == Authorization.AUTH_TYPE_GRANT) && authorization.isEveryPermissionGranted()) { return new String[] { Permissions.ALL.getName() }; } // special case all permissions are revoked if (type == Authorization.AUTH_TYPE_REVOKE && authorization.isEveryPermissionRevoked()) { return new String[] { Permissions.ALL.getName() }; } List<String> names = new ArrayList<String>(); for (Permission permission : permissions) { String name = permission.getName(); // filter NONE and ALL from permissions array if (!name.equals(Permissions.NONE.getName()) && !name.equals(Permissions.ALL.getName())) { names.add(name); } } return names.toArray(new String[names.size()]); }
public void setPermission(Permission permission) { this.permission = permission; if (permission != null) { perms = permission.getValue(); } }
protected boolean isResourceValidForPermission(PermissionCheck permissionCheck) { Resource[] permissionResources = permissionCheck.getPermission().getTypes(); Resource givenResource = permissionCheck.getResource(); return ResourceTypeUtil.resourceIsContainedInArray(givenResource.resourceType(), permissionResources); }
public String toString() { StringBuilder sb = new StringBuilder(); sb.append("[Resource: "); sb.append(resource); sb.append(", Resource Id: "); sb.append(resourceId); sb.append(", Type: "); sb.append(type); sb.append(", User Id: "); sb.append(userId); sb.append(", Permissions: ["); for (Permission permission : permissions) { sb.append(permission.getName()); sb.append(", "); } sb.append("]]"); return sb.toString(); } }
public AuthorizationQuery hasPermission(Permission p) { queryByPermission = true; if (resourcesIntersection.size() == 0) { resourcesIntersection.addAll(Arrays.asList(p.getTypes())); } else { resourcesIntersection.retainAll(new HashSet<Resource>(Arrays.asList(p.getTypes()))); } this.permission |= p.getValue(); return this; }
public void addPermission(Permission p) { cachedPermissions.add(p); permissions |= p.getValue(); }
public void validateResourceCompatibility(AuthorizationEntity authorization) { int resourceType = authorization.getResourceType(); Set<Permission> permissionSet = authorization.getCachedPermissions(); for (Permission permission : permissionSet) { if (!ResourceTypeUtil.resourceIsContainedInArray(resourceType, permission.getTypes())) { throw LOG.invalidResourceForAuthorization(resourceType, permission.getName()); } } }
public void checkAuthorization(CompositePermissionCheck compositePermissionCheck) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); String userId = currentAuthentication.getUserId(); boolean isAuthorized = isAuthorized(compositePermissionCheck); if (!isAuthorized) { List<MissingAuthorization> missingAuthorizations = new ArrayList<MissingAuthorization>(); for (PermissionCheck check: compositePermissionCheck.getAllPermissionChecks()) { missingAuthorizations.add(new MissingAuthorization( check.getPermission().getName(), check.getResource().resourceName(), check.getResourceId())); } throw new AuthorizationException(userId, missingAuthorizations); } } }
public boolean isPermissionRevoked(Permission p) { if(AUTH_TYPE_GRANT == authorizationType) { throw LOG.permissionStateException("isPermissionRevoked", "GRANT"); } ensureNotNull("Authorization 'resourceType' cannot be null", "authorization.getResource()", resourceType); if (!ResourceTypeUtil.resourceIsContainedInArray(resourceType, p.getTypes())) { return false; } return (permissions & p.getValue()) != p.getValue(); }
public void removePermission(Permission p) { cachedPermissions.add(p); permissions &= ~p.getValue(); }
public void checkAuthorization(List<PermissionCheck> permissionChecks) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); String userId = currentAuthentication.getUserId(); boolean isAuthorized = isAuthorized(userId, currentAuthentication.getGroupIds(), permissionChecks); if (!isAuthorized) { List<MissingAuthorization> missingAuthorizations = new ArrayList<MissingAuthorization>(); for (PermissionCheck check: permissionChecks) { missingAuthorizations.add(new MissingAuthorization( check.getPermission().getName(), check.getResource().resourceName(), check.getResourceId())); } throw new AuthorizationException(userId, missingAuthorizations); } } }
public boolean isPermissionGranted(Permission p) { if(AUTH_TYPE_REVOKE == authorizationType) { throw LOG.permissionStateException("isPermissionGranted", "REVOKE"); } ensureNotNull("Authorization 'resourceType' cannot be null", "authorization.getResource()", resourceType); if (!ResourceTypeUtil.resourceIsContainedInArray(resourceType, p.getTypes())) { return false; } return (permissions & p.getValue()) == p.getValue(); }
public void removePermission(Permission p) { cachedPermissions.add(p); permissions &= ~p.getValue(); }