RelationshipQuery<Grant> query = relationshipManager.createRelationshipQuery(Grant.class); relationshipManager.remove(grant);
RelationshipQuery<Grant> query = relationshipManager.createRelationshipQuery(Grant.class); return relationshipManager.inheritsPrivileges(assignee, role);
/** * <p> Grants the given {@link Role} to the provided {@link IdentityType}. </p> * * @param assignee A previously loaded {@link IdentityType} instance. Valid instances are only from the {@link Account} and {@link Group} types. * @param role A previously loaded {@link Role} instance. * * @throws IdentityManagementException If the method fails. */ public static void grantRole(RelationshipManager relationshipManager, IdentityType assignee, Role role) throws IdentityManagementException { if (relationshipManager == null) { throw MESSAGES.nullArgument("RelationshipManager"); } if (assignee == null) { throw MESSAGES.nullArgument("IdentityType"); } if (!Account.class.isInstance(assignee) && !Group.class.isInstance(assignee)) { throw MESSAGES.unexpectedType(assignee.getClass()); } if (role == null) { throw MESSAGES.nullArgument("Role"); } relationshipManager.add(new Grant(assignee, role)); }
private Set<Role> getRolesOfCurrentUser() { Set<Role> roles = new HashSet<Role>(); if (identity.isLoggedIn()) { RelationshipQuery<Grant> query = relationshipManager.createRelationshipQuery(Grant.class); query.setParameter(Grant.ASSIGNEE, identity.getAccount()); for (final Grant grant : query.getResultList()) { roles.add(new RoleImpl(grant.getRole().getName())); } } return roles; }
private VotingResult checkPermission(IdentityType recipient, List<Permission> permissions) { RelationshipManager relationshipManager = partitionManager.createRelationshipManager(); for (Permission permission : permissions) { if (permission instanceof IdentityPermission) { IdentityPermission idPermission = (IdentityPermission) permission; if (relationshipManager.inheritsPrivileges(recipient, idPermission.getAssignee())) { return VotingResult.ALLOW; } } } return VotingResult.NOT_APPLICABLE; } }
private Set<Role> getRolesOfCurrentUser() { Set<Role> roles = new HashSet<Role>(); if (identity.isLoggedIn()) { RelationshipQuery<Grant> query = relationshipManager.createRelationshipQuery(Grant.class); query.setParameter(Grant.ASSIGNEE, identity.getAccount()); for (final Grant grant : query.getResultList()) { roles.add(new RoleImpl(grant.getRole().getName())); } } return roles; }
private VotingResult checkPermission(IdentityType recipient, List<Permission> permissions) { RelationshipManager relationshipManager = partitionManager.createRelationshipManager(); for (Permission permission : permissions) { if (permission instanceof IdentityPermission) { IdentityPermission idPermission = (IdentityPermission) permission; if (relationshipManager.inheritsPrivileges(recipient, idPermission.getAssignee())) { return VotingResult.ALLOW; } } } return VotingResult.NOT_APPLICABLE; } }
RelationshipQuery<Grant> query = relationshipManager.createRelationshipQuery(Grant.class); relationshipManager.remove(grant);
RelationshipQuery<Grant> query = relationshipManager.createRelationshipQuery(Grant.class); return relationshipManager.inheritsPrivileges(assignee, role);
RelationshipQuery query = relationshipManager.createRelationshipQuery(Relationship.class);
/** * <p> Grants the given {@link Role} to the provided {@link IdentityType}. </p> * * @param assignee A previously loaded {@link IdentityType} instance. Valid instances are only from the {@link Account} and {@link Group} types. * @param role A previously loaded {@link Role} instance. * * @throws IdentityManagementException If the method fails. */ public static void grantRole(RelationshipManager relationshipManager, IdentityType assignee, Role role) throws IdentityManagementException { if (relationshipManager == null) { throw MESSAGES.nullArgument("RelationshipManager"); } if (assignee == null) { throw MESSAGES.nullArgument("IdentityType"); } if (!Account.class.isInstance(assignee) && !Group.class.isInstance(assignee)) { throw MESSAGES.unexpectedType(assignee.getClass()); } if (role == null) { throw MESSAGES.nullArgument("Role"); } relationshipManager.add(new Grant(assignee, role)); }
/** * <p> Removes the given {@link Account} from the provided {@link Group}. </p> * * @param member A previously loaded {@link Account} instance. * @param group A previously loaded {@link Group} instance. * * @throws IdentityManagementException If the method fails. */ public static void removeFromGroup(RelationshipManager relationshipManager, Account member, Group group) throws IdentityManagementException { if (relationshipManager == null) { throw MESSAGES.nullArgument("RelationshipManager"); } if (member == null) { throw MESSAGES.nullArgument("Account"); } if (group == null) { throw MESSAGES.nullArgument("Group"); } RelationshipQuery<GroupMembership> query = relationshipManager.createRelationshipQuery(GroupMembership.class); query.setParameter(GroupMembership.MEMBER, member); query.setParameter(GroupMembership.GROUP, group); for (GroupMembership membership : query.getResultList()) { relationshipManager.remove(membership); } }
.createRelationshipQuery(relationshipType) .setParameter(Relationship.RELATIONSHIP_QUERY_ATTRIBUTE.byName(roleProperty.getName()), role) .setParameter(Relationship.RELATIONSHIP_QUERY_ATTRIBUTE.byName(accountProperty.getName()), identity boolean inheritsPrivileges = relationshipManager.inheritsPrivileges(identity.getAccount(), role);
RelationshipQuery query = relationshipManager.createRelationshipQuery(Relationship.class);
/** * <p> Adds the given {@link Account} as a member of the provided {@link Group}. </p> * * @param member A previously loaded {@link Account} instance. * @param group A previously loaded {@link Group} instance. * * @throws IdentityManagementException If the method fails. */ public static void addToGroup(RelationshipManager relationshipManager, Account member, Group group) throws IdentityManagementException { if (relationshipManager == null) { throw MESSAGES.nullArgument("RelationshipManager"); } if (member == null) { throw MESSAGES.nullArgument("Account"); } if (group == null) { throw MESSAGES.nullArgument("Group"); } relationshipManager.add(new GroupMembership(member, group)); }
/** * <p> Removes the given {@link Account} from the provided {@link Group}. </p> * * @param member A previously loaded {@link Account} instance. * @param group A previously loaded {@link Group} instance. * * @throws IdentityManagementException If the method fails. */ public static void removeFromGroup(RelationshipManager relationshipManager, Account member, Group group) throws IdentityManagementException { if (relationshipManager == null) { throw MESSAGES.nullArgument("RelationshipManager"); } if (member == null) { throw MESSAGES.nullArgument("Account"); } if (group == null) { throw MESSAGES.nullArgument("Group"); } RelationshipQuery<GroupMembership> query = relationshipManager.createRelationshipQuery(GroupMembership.class); query.setParameter(GroupMembership.MEMBER, member); query.setParameter(GroupMembership.GROUP, group); for (GroupMembership membership : query.getResultList()) { relationshipManager.remove(membership); } }
.createRelationshipQuery(relationshipType) .setParameter(Relationship.RELATIONSHIP_QUERY_ATTRIBUTE.byName(roleProperty.getName()), role) .setParameter(Relationship.RELATIONSHIP_QUERY_ATTRIBUTE.byName(accountProperty.getName()), identity boolean inheritsPrivileges = relationshipManager.inheritsPrivileges(identity.getAccount(), role);
RelationshipQuery<GroupMembership> query = relationshipManager.createRelationshipQuery(GroupMembership.class);
/** * <p> Adds the given {@link Account} as a member of the provided {@link Group}. </p> * * @param member A previously loaded {@link Account} instance. * @param group A previously loaded {@link Group} instance. * * @throws IdentityManagementException If the method fails. */ public static void addToGroup(RelationshipManager relationshipManager, Account member, Group group) throws IdentityManagementException { if (relationshipManager == null) { throw MESSAGES.nullArgument("RelationshipManager"); } if (member == null) { throw MESSAGES.nullArgument("Account"); } if (group == null) { throw MESSAGES.nullArgument("Group"); } relationshipManager.add(new GroupMembership(member, group)); }
@Override protected void doRemove(IdentityType attributedType) { RelationshipQuery<Relationship> query = this.relationshipManager.createRelationshipQuery(Relationship.class); query.setParameter(Relationship.IDENTITY, attributedType); for (Relationship relationship : query.getResultList()) { this.relationshipManager.remove(relationship); } if (this.permissionManager != null) { List<Permission> permissions = this.permissionManager.listPermissions(attributedType); for (Permission permission : permissions) { this.permissionManager.revokePermission(attributedType, permission.getResourceClass(), permission.getOperation()); } } IdentityContext identityContext = getIdentityContext(); getStoreSelector().getStoreForIdentityOperation(identityContext, IdentityStore.class, attributedType.getClass(), IdentityOperation.delete) .remove(identityContext, attributedType); }