public static Permissions getIngestPermissions(String username) { Permissions permissions = new Permissions(); permissions.setUserPermissions(username, new HashSet<>(Arrays.asList(Permissions.PermissionType.CREATE, Permissions.PermissionType.READ, Permissions.PermissionType.UPDATE, Permissions.PermissionType.DELETE, Permissions.PermissionType.GRANT))); permissions.setGroupPermissions(RodaConstants.ADMINISTRATORS, new HashSet<>(Arrays.asList(Permissions.PermissionType.CREATE, Permissions.PermissionType.READ, Permissions.PermissionType.UPDATE, Permissions.PermissionType.DELETE, Permissions.PermissionType.GRANT))); return permissions; } }
public static Permissions grantAllPermissions(String username, Permissions permissions, Permissions parentPermissions) throws GenericException, NotFoundException, RequestNotValidException, AuthorizationDeniedException { Permissions grantedPermissions = grantPermissionToUser(username, permissions); for (String name : parentPermissions.getUsernames()) { grantedPermissions.setUserPermissions(name, parentPermissions.getUserPermissions(name)); } for (String name : parentPermissions.getGroupnames()) { grantedPermissions.setGroupPermissions(name, parentPermissions.getGroupPermissions(name)); } return grantedPermissions; }
public static Permissions getPermissions(SolrDocument doc) { Permissions permissions = new Permissions(); EnumMap<PermissionType, Set<String>> userPermissions = new EnumMap<>(PermissionType.class); for (PermissionType type : PermissionType.values()) { String key = RodaConstants.INDEX_PERMISSION_USERS_PREFIX + type; Set<String> users = new HashSet<>(); users.addAll(objectToListString(doc.get(key))); userPermissions.put(type, users); } EnumMap<PermissionType, Set<String>> groupPermissions = new EnumMap<>(PermissionType.class); for (PermissionType type : PermissionType.values()) { String key = RodaConstants.INDEX_PERMISSION_GROUPS_PREFIX + type; Set<String> groups = new HashSet<>(); groups.addAll(objectToListString(doc.get(key))); groupPermissions.put(type, groups); } permissions.setUsers(userPermissions); permissions.setGroups(groupPermissions); return permissions; }
DIP dip = this.retrieveDIP(id); Permissions permissions = dip.getPermissions(); Set<PermissionType> userPermissions = permissions.getUserPermissions(username); userPermissions.addAll(permissions.getGroupPermissions(group)); AIP aip = this.retrieveAIP(id); Permissions permissions = aip.getPermissions(); Set<PermissionType> userPermissions = permissions.getUserPermissions(username); userPermissions.addAll(permissions.getGroupPermissions(group));
private static Optional<String> createGhost(String ancestor, Optional<String> parent, ModelService model, IndexService index, String jobId) throws NotFoundException, GenericException, RequestNotValidException, AlreadyExistsException, AuthorizationDeniedException { String username = getJobUsername(jobId, index); Permissions permissions = new Permissions(); permissions.setUserPermissions(username, new HashSet<>(Arrays.asList(Permissions.PermissionType.CREATE, Permissions.PermissionType.READ, Permissions.PermissionType.UPDATE, Permissions.PermissionType.DELETE, Permissions.PermissionType.GRANT))); boolean isGhost = true; AIP ghostAIP = model.createAIP(parent.orElse(null), "", permissions, Arrays.asList(ancestor), jobId, true, username, isGhost); return Optional.ofNullable(ghostAIP.getId()); }
@Override public int hashCode() { int result = id != null ? id.hashCode() : 0; result = 31 * result + (title != null ? title.hashCode() : 0); result = 31 * result + (description != null ? description.hashCode() : 0); result = 31 * result + (type != null ? type.hashCode() : 0); result = 31 * result + (dateCreated != null ? dateCreated.hashCode() : 0); result = 31 * result + (lastModified != null ? lastModified.hashCode() : 0); result = 31 * result + (isPermanent != null ? isPermanent.hashCode() : 0); result = 31 * result + (properties != null ? properties.hashCode() : 0); result = 31 * result + (aipIds != null ? aipIds.hashCode() : 0); result = 31 * result + (representationIds != null ? representationIds.hashCode() : 0); result = 31 * result + (fileIds != null ? fileIds.hashCode() : 0); result = 31 * result + (permissions != null ? permissions.hashCode() : 0); return result; }
@Override public boolean equals(Object o) { if (this == o) return true; if (o == null || getClass() != o.getClass()) return false; AIP aip = (AIP) o; if (id != null ? !id.equals(aip.id) : aip.id != null) return false; if (parentId != null ? !parentId.equals(aip.parentId) : aip.parentId != null) return false; if (type != null ? !type.equals(aip.type) : aip.type != null) return false; if (state != aip.state) return false; if (permissions != null ? !permissions.equals(aip.permissions) : aip.permissions != null) return false; if (descriptiveMetadata != null ? !descriptiveMetadata.equals(aip.descriptiveMetadata) : aip.descriptiveMetadata != null) return false; if (representations != null ? !representations.equals(aip.representations) : aip.representations != null) return false; if (ingestSIPIds != null ? !ingestSIPIds.equals(aip.ingestSIPIds) : aip.ingestSIPIds != null) return false; if (ingestJobId != null ? !ingestJobId.equals(aip.ingestJobId) : aip.ingestJobId != null) return false; return ghost != null ? ghost.equals(aip.ghost) : aip.ghost == null; }
public Set<PermissionType> getUserPermissions(String username) { return getPermissions(username, users); }
public static AIP earkSIPToAIP(SIP sip, String username, Permissions fullPermissions, ModelService model, List<String> ingestSIPIds, String ingestJobId, Optional<String> parentId, String ingestSIPUUID, Plugin<?> plugin) throws RequestNotValidException, NotFoundException, GenericException, AlreadyExistsException, AuthorizationDeniedException, ValidationException, IOException, LockingException { AIPState state = AIPState.INGEST_PROCESSING; Permissions permissions = new Permissions(); boolean notify = false; String aipType = IngestHelper.getType(sip); AIP aip = model.createAIP(state, parentId.orElse(null), aipType, permissions, ingestSIPUUID, ingestSIPIds, ingestJobId, notify, username); PluginHelper.acquireObjectLock(aip, plugin); // process IP information processIPInformation(model, sip, aip.getId(), notify, false); // process IPRepresentation information for (IPRepresentation representation : sip.getRepresentations()) { processIPRepresentationInformation(model, representation, aip.getId(), notify, false, username, null); } model.notifyAipCreated(aip.getId()); AIP createdAIP = model.retrieveAIP(aip.getId()); // Set Permissions Permissions readPermissions = PermissionUtils.grantReadPermissionToUserGroup(model, createdAIP, aip.getPermissions()); Permissions finalPermissions = PermissionUtils.grantAllPermissions(username, readPermissions, fullPermissions); createdAIP.setPermissions(finalPermissions); model.updateAIP(createdAIP, username); return model.retrieveAIP(aip.getId()); }
public static boolean hasPermissions(User user, List<String> methods, Permissions permissions) { boolean canAct = true; for (String method : methods) { canAct &= user.hasRole(RodaCoreFactory.getRodaConfigurationAsString("core.roles." + method)); String permissionKey = RodaCoreFactory.getRodaConfigurationAsString("core.permissions." + method); if (canAct && permissions != null && permissionKey != null) { PermissionType permissionType = PermissionType.valueOf(permissionKey); if (permissionType != null) { if (permissions.getUserPermissions(user.getName()).contains(permissionType)) { canAct = true; } else { boolean containGroup = false; for (String group : user.getGroups()) { if (permissions.getGroupPermissions(group).contains(permissionType)) { containGroup = true; break; } } canAct = containGroup; } } } } return canAct; } }
@Override public int hashCode() { int result = id != null ? id.hashCode() : 0; result = 31 * result + (parentId != null ? parentId.hashCode() : 0); result = 31 * result + (type != null ? type.hashCode() : 0); result = 31 * result + (state != null ? state.hashCode() : 0); result = 31 * result + (permissions != null ? permissions.hashCode() : 0); result = 31 * result + (descriptiveMetadata != null ? descriptiveMetadata.hashCode() : 0); result = 31 * result + (representations != null ? representations.hashCode() : 0); result = 31 * result + (ingestSIPIds != null ? ingestSIPIds.hashCode() : 0); result = 31 * result + (ingestJobId != null ? ingestJobId.hashCode() : 0); result = 31 * result + (ghost != null ? ghost.hashCode() : 0); return result; }
@Override public boolean equals(Object o) { if (this == o) return true; if (o == null || getClass() != o.getClass()) return false; DIP that = (DIP) o; if (id != null ? !id.equals(that.id) : that.id != null) return false; if (description != null ? !description.equals(that.description) : that.description != null) return false; if (title != null ? !title.equals(that.title) : that.title != null) return false; if (dateCreated != null ? !dateCreated.equals(that.dateCreated) : that.dateCreated != null) return false; if (lastModified != null ? !lastModified.equals(that.lastModified) : that.lastModified != null) return false; if (isPermanent != null ? !isPermanent.equals(that.isPermanent) : that.isPermanent != null) return false; if (properties != null ? !properties.equals(that.properties) : that.properties != null) return false; if (permissions != null ? !permissions.equals(that.permissions) : that.permissions != null) return false; if (aipIds != null ? !aipIds.equals(that.aipIds) : that.aipIds != null) return false; if (representationIds != null ? !representationIds.equals(that.representationIds) : that.representationIds != null) return false; return fileIds != null ? !fileIds.equals(that.fileIds) : that.fileIds != null; }
public Set<PermissionType> getGroupPermissions(String groupname) { return getPermissions(groupname, groups); }
public static Map<String, Object> getPermissionsAsPreCalculatedFields(Permissions permissions) { Map<String, Object> ret = new HashMap<>(); for (Entry<PermissionType, Set<String>> entry : permissions.getUsers().entrySet()) { String key = RodaConstants.INDEX_PERMISSION_USERS_PREFIX + entry.getKey(); List<String> value = new ArrayList<>(entry.getValue()); ret.put(key, value); } for (Entry<PermissionType, Set<String>> entry : permissions.getGroups().entrySet()) { String key = RodaConstants.INDEX_PERMISSION_GROUPS_PREFIX + entry.getKey(); List<String> value = new ArrayList<>(entry.getValue()); ret.put(key, value); } return ret; }
private Permissions addParentPermissions(Permissions permissions, String parentId) throws RequestNotValidException, NotFoundException, GenericException, AuthorizationDeniedException { if (parentId != null) { AIP parentAIP = this.retrieveAIP(parentId); Set<String> parentGroupnames = parentAIP.getPermissions().getGroupnames(); Set<String> parentUsernames = parentAIP.getPermissions().getUsernames(); Set<String> groupnames = permissions.getGroupnames(); Set<String> usernames = permissions.getUsernames(); for (String user : parentUsernames) { if (!usernames.contains(user)) { permissions.setUserPermissions(user, parentAIP.getPermissions().getUserPermissions(user)); } } for (String group : parentGroupnames) { if (!groupnames.contains(group)) { permissions.setGroupPermissions(group, parentAIP.getPermissions().getGroupPermissions(group)); } } } return permissions; }
doc.addField(RodaConstants.INDEX_STATE, SolrUtils.formatEnum(AIPState.ACTIVE)); Permissions permissions = new Permissions(); List<String> users = RodaCoreFactory.getRodaConfigurationAsList("core.permission.repository_events.user"); List<String> groups = RodaCoreFactory.getRodaConfigurationAsList("core.permission.repository_events.group"); permissions.setUserPermissions(user, Sets.newHashSet(PermissionType.READ)); permissions.setGroupPermissions(group, Sets.newHashSet(PermissionType.READ));
@Override public int hashCode() { int result = id != null ? id.hashCode() : 0; result = 31 * result + (state != null ? state.hashCode() : 0); result = 31 * result + (level != null ? level.hashCode() : 0); result = 31 * result + (title != null ? title.hashCode() : 0); result = 31 * result + (dateInitial != null ? dateInitial.hashCode() : 0); result = 31 * result + (dateFinal != null ? dateFinal.hashCode() : 0); result = 31 * result + (description != null ? description.hashCode() : 0); result = 31 * result + (parentID != null ? parentID.hashCode() : 0); result = 31 * result + (ancestors != null ? ancestors.hashCode() : 0); result = 31 * result + (permissions != null ? permissions.hashCode() : 0); result = 31 * result + (numberOfSubmissionFiles != null ? numberOfSubmissionFiles.hashCode() : 0); result = 31 * result + (numberOfDocumentationFiles != null ? numberOfDocumentationFiles.hashCode() : 0); result = 31 * result + (numberOfSchemaFiles != null ? numberOfSchemaFiles.hashCode() : 0); result = 31 * result + (hasRepresentations != null ? hasRepresentations.hashCode() : 0); result = 31 * result + (ghost != null ? ghost.hashCode() : 0); result = 31 * result + (ingestSIPIds != null ? ingestSIPIds.hashCode() : 0); result = 31 * result + (ingestJobId != null ? ingestJobId.hashCode() : 0); return result; }
if (ancestors != null ? !ancestors.equals(that.ancestors) : that.ancestors != null) return false; if (permissions != null ? !permissions.equals(that.permissions) : that.permissions != null) return false; if (numberOfSubmissionFiles != null ? !numberOfSubmissionFiles.equals(that.numberOfSubmissionFiles)
public static void setPermissions(Permissions permissions, final SolrInputDocument ret) { for (Entry<PermissionType, Set<String>> entry : permissions.getUsers().entrySet()) { String key = RodaConstants.INDEX_PERMISSION_USERS_PREFIX + entry.getKey(); List<String> value = new ArrayList<>(entry.getValue()); ret.addField(key, value); } for (Entry<PermissionType, Set<String>> entry : permissions.getGroups().entrySet()) { String key = RodaConstants.INDEX_PERMISSION_GROUPS_PREFIX + entry.getKey(); List<String> value = new ArrayList<>(entry.getValue()); ret.addField(key, value); } }