/** * Adds the information which roles can read permission the given element to the document. This information will later be used by the permission script to * filter out document which should not be visible to the user which invokes the query. * * @param document * @param element */ protected void addPermissionInfo(JsonObject document, MeshCoreVertex<?, ?> element) { Iterable<? extends Role> roleIt = element.getRolesWithPerm(GraphPermission.READ_PERM); List<String> roleUuids = new ArrayList<>(); for (Role role : roleIt) { roleUuids.add(role.getUuid()); } document.put("_roleUuids", roleUuids); }
/** * Generate the node container specific permission info. Node containers need to store also the read publish perm roles for published containers. * * @param document * @param node * @param type */ private void addPermissionInfo(JsonObject document, Node node, ContainerType type) { List<String> roleUuids = new ArrayList<>(); for (Role role : node.getRolesWithPerm(READ_PERM)) { roleUuids.add(role.getUuid()); } // Also add the roles which would grant read on published nodes if the container is published. if (type == PUBLISHED) { for (Role role : node.getRolesWithPerm(READ_PUBLISHED_PERM)) { roleUuids.add(role.getUuid()); } } document.put("_roleUuids", roleUuids); }
public static Role mockRole(String roleName, User creator) { Role role = mock(Role.class); when(role.getCreator()).thenReturn(creator); when(role.getCreationTimestamp()).thenReturn(TIMESTAMP_OLD); when(role.getEditor()).thenReturn(creator); when(role.getLastEditedTimestamp()).thenReturn(TIMESTAMP_NEW); when(role.getName()).thenReturn(roleName); when(role.getUuid()).thenReturn(ROLE_CLIENT_UUID); when(role.getRolesWithPerm(GraphPermission.READ_PERM)).thenReturn(createEmptyTraversal()); when(role.getElementVersion()).thenReturn(UUID_4); return role; }
try (Tx tx = db.tx()) { for (Role role : ac.getUser().getRoles()) { roleUuids.add(role.getUuid());