@Override public Optional<EffectedPermissions> getEffectedPermissionsFor(final CharSequence label, final SubjectId subjectId, final ResourceKey resourceKey) { final Label lbl = Label.of(label); Optional<EffectedPermissions> result = Optional.empty(); final PolicyEntry policyEntry = entries.get(lbl); if (null != policyEntry) { final Subjects subjects = policyEntry.getSubjects(); final Optional<Subject> subjectOptional = subjects.getSubject(subjectId); if (subjectOptional.isPresent()) { final Resources resources = policyEntry.getResources(); result = resources.getResource(resourceKey).map(Resource::getEffectedPermissions); } } return result; }
@Override protected void appendPayload(final JsonObjectBuilder jsonObjectBuilder, final JsonSchemaVersion schemaVersion, final Predicate<JsonField> thePredicate) { final Predicate<JsonField> predicate = schemaVersion.and(thePredicate); jsonObjectBuilder.set(JSON_LABEL, policyEntry.getLabel().toString(), predicate); jsonObjectBuilder.set(JSON_POLICY_ENTRY, policyEntry.toJson(schemaVersion, thePredicate), predicate); }
/** * Creates a response to a {@code RetrievePolicyEntry} command. * * @param policyId the Policy ID of the retrieved policy entry. * @param policyEntry the retrieved Policy entry. * @param dittoHeaders the headers of the preceding command. * @return the response. * @throws NullPointerException if any argument is {@code null}. */ public static RetrievePolicyEntryResponse of(final String policyId, final PolicyEntry policyEntry, final DittoHeaders dittoHeaders) { return new RetrievePolicyEntryResponse(policyId, HttpStatusCode.OK, policyEntry.getLabel().toString(), checkNotNull(policyEntry, "Policy Entry") .toJson(dittoHeaders.getSchemaVersion().orElse(policyEntry.getLatestSchemaVersion())), dittoHeaders); }
static PolicyEntry substitutePolicyEntry(final PolicyEntry existingPolicyEntry, final HeaderBasedPlaceholderSubstitutionAlgorithm substitutionAlgorithm, final DittoHeaders dittoHeaders) { final Subjects existingSubjects = existingPolicyEntry.getSubjects(); final Subjects substitutedSubjects = substituteSubjects(existingSubjects, substitutionAlgorithm, dittoHeaders); final PolicyEntry resultEntry; if (existingSubjects.equals(substitutedSubjects)) { resultEntry = existingPolicyEntry; } else { resultEntry = PolicyEntry.newInstance(existingPolicyEntry.getLabel(), substitutedSubjects, existingPolicyEntry.getResources()); } return resultEntry; }
private void setPolicyEntry(final PolicyEntry entry) { putAllSubjects(entry); final Label label = entry.getLabel(); grantedPermissions.put(label, new LinkedHashMap<>()); revokedPermissions.put(label, new LinkedHashMap<>()); setResourcesFor(entry.getLabel(), entry.getResources()); }
private boolean hasPermissionGranted(final PolicyEntry policyEntry) { return policyEntry.getResources().stream() // .anyMatch(resource -> { final boolean isRootResource = ROOT_RESOURCE.equals(resource.getResourceKey()); final boolean containsGrantedPermissions = resource.getEffectedPermissions() .getGrantedPermissions() .contains(Permission.MIN_REQUIRED_POLICY_PERMISSIONS); return isRootResource && containsGrantedPermissions; }); }
@Override public JsonPointer getResourcePath() { final String path = "/entries/" + policyEntry.getLabel(); return JsonPointer.of(path); }
@Override protected void doApply(final RetrieveSubjects command) { final Optional<PolicyEntry> optionalEntry = policy.getEntryFor(command.getLabel()); if (optionalEntry.isPresent()) { final RetrieveSubjectsResponse response = RetrieveSubjectsResponse.of(policyId, command.getLabel(), optionalEntry.get().getSubjects(), command.getDittoHeaders()); sendSuccessResponse(command, response); } else { policyEntryNotFound(command.getLabel(), command.getDittoHeaders()); } }
private void putAllSubjects(final PolicyEntry policyEntry) { final Subjects entrySubjects = policyEntry.getSubjects(); final Map<SubjectId, Subject> subjectsMap = new LinkedHashMap<>(entrySubjects.getSize()); entrySubjects.forEach(entrySubject -> subjectsMap.put(entrySubject.getId(), entrySubject)); subjects.put(policyEntry.getLabel(), subjectsMap); }
@Override protected void doApply(final ModifyPolicyEntry command) { final PolicyEntry policyEntry = command.getPolicyEntry(); final Label label = policyEntry.getLabel(); final DittoHeaders dittoHeaders = command.getDittoHeaders(); final long policyLength = policy.removeEntry(label).toJsonString().length(); final long entryLength = policyEntry.toJsonString().length() + label.toString().length() + 5L; return policyLength + entryLength; }, command::getDittoHeaders);
/** * Returns all non hidden marked fields of this Policy entry. * * @return a JSON object representation of this Policy entry including only non hidden marked fields. */ @Override default JsonObject toJson() { return toJson(FieldType.notHidden()); }
private ModifyPolicyEntry(final String policyId, final PolicyEntry policyEntry, final DittoHeaders dittoHeaders) { super(TYPE, dittoHeaders); PolicyIdValidator.getInstance().accept(policyId, dittoHeaders); this.policyId = policyId; this.policyEntry = policyEntry; PolicyCommandSizeValidator.getInstance().ensureValidSize(() -> policyEntry.toJsonString().length(), () -> dittoHeaders); }
private boolean hasPermissionGranted(final PolicyEntry policyEntry) { return policyEntry.getResources().stream() // .anyMatch(resource -> { final boolean isRootResource = ROOT_RESOURCE.equals(resource.getResourceKey()); final boolean containsGrantedPermissions = resource.getEffectedPermissions() .getGrantedPermissions() .contains(Permission.MIN_REQUIRED_POLICY_PERMISSIONS); return isRootResource && containsGrantedPermissions; }); }
@Override public JsonPointer getResourcePath() { final String path = "/entries/" + policyEntry.getLabel(); return JsonPointer.of(path); }
@Override protected void doApply(final RetrieveSubjects command) { final Optional<PolicyEntry> optionalEntry = policy.getEntryFor(command.getLabel()); if (optionalEntry.isPresent()) { final RetrieveSubjectsResponse response = RetrieveSubjectsResponse.of(policyId, command.getLabel(), optionalEntry.get().getSubjects(), command.getDittoHeaders()); sendSuccessResponse(command, response); } else { policyEntryNotFound(command.getLabel(), command.getDittoHeaders()); } }
@Override protected void doApply(final ModifyPolicyEntry command) { final PolicyEntry policyEntry = command.getPolicyEntry(); final Label label = policyEntry.getLabel(); final DittoHeaders dittoHeaders = command.getDittoHeaders(); final long policyLength = policy.removeEntry(label).toJsonString().length(); final long entryLength = policyEntry.toJsonString().length() + label.toString().length() + 5L; return policyLength + entryLength; }, command::getDittoHeaders);
@Override public Optional<JsonValue> getEntity(final JsonSchemaVersion schemaVersion) { return Optional.of(policyEntry.toJson(schemaVersion, FieldType.regularOrSpecial())); }
private ModifyPolicyEntry(final String policyId, final PolicyEntry policyEntry, final DittoHeaders dittoHeaders) { super(TYPE, dittoHeaders); PolicyIdValidator.getInstance().accept(policyId, dittoHeaders); this.policyId = policyId; this.policyEntry = policyEntry; PolicyCommandSizeValidator.getInstance().ensureValidSize(() -> policyEntry.toJsonString().length(), () -> dittoHeaders); }
@Override protected void appendPayload(final JsonObjectBuilder jsonObjectBuilder, final JsonSchemaVersion schemaVersion, final Predicate<JsonField> thePredicate) { final Predicate<JsonField> predicate = schemaVersion.and(thePredicate); jsonObjectBuilder.set(JSON_LABEL, policyEntry.getLabel().toString(), predicate); jsonObjectBuilder.set(JSON_POLICY_ENTRY, policyEntry.toJson(schemaVersion, thePredicate), predicate); }
@Override public Policy removeSubjectFor(final CharSequence label, final SubjectId subjectId) { final Label lbl = Label.of(label); Policy result = this; final PolicyEntry existingPolicyEntry = entries.get(lbl); if (null != existingPolicyEntry) { final Subjects existingSubjects = existingPolicyEntry.getSubjects(); final Subjects newSubjects = existingSubjects.removeSubject(subjectId); if (!Objects.equals(existingSubjects, newSubjects)) { final Map<Label, PolicyEntry> entriesCopy = copyEntries(); entriesCopy.put(lbl, newPolicyEntry(lbl, newSubjects, existingPolicyEntry.getResources())); result = new ImmutablePolicy(policyId, entriesCopy, lifecycle, revision, modified); } } return result; }