/**
 * Returns the permissions attached to one user role.
 *
 * <p>The method receives only the role name; no caller credential is passed in, so any
 * access control for this route has to be applied outside this method.
 *
 * @param role role name taken verbatim from the request path
 * @return response whose entity is a one-entry map, {@code "permissions"} to the role's permissions
 */
@GET
@Path("/roles/{role}/permissions")
@Produces(APPLICATION_JSON)
@ApiOperation(value = "Get permissions associated with a specific user role")
@Timed
public Response getRolePermissions(
        @PathParam("role")
        @ApiParam(defaultValue = DEFAULT_ROLE, value = EXAMPLE_ALL_ROLES)
        final String role) {
    try {
        // NOTE(review): role is client-controlled; how toRole treats an unrecognised name is
        // not visible here. Confirm it is rejected before it reaches the authorization layer.
        final ImmutableMap<String, Object> payload = ImmutableMap.<String, Object>builder()
                .put("permissions", authorization.getPermissionsFromRole(toRole(role)))
                .build();
        return httpHeader.headers().entity(payload).build();
    } catch (Exception failure) {
        // The raw path value is written to the error log. Parameterised logging avoids format
        // string issues, but embedded line breaks are only neutralised if the log layout
        // encodes them.
        LOGGER.error("getRolePermissions failed for role={} with error:", role, failure);
        throw failure;
    }
}
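/**
 * Resolves the permissions a user holds for one application.
 *
 * <p>The stored role row is validated with explicit checks instead of {@code assert}
 * statements. Assertions are skipped unless the JVM is started with {@code -ea}, so an
 * authorization lookup must not rely on them to reject inconsistent data.
 *
 * @param username        user whose role is looked up
 * @param applicationName application the role applies to; passed to the lookup as an optional value
 * @return permissions of the user's role for the application, or {@code null} when no role row exists
 * @throws IllegalStateException if the lookup returns more than one row, or the row has no role
 */
UserPermissions getAppSpecificPermission(UserInfo.Username username, Application.Name applicationName) {
    List<com.intuit.wasabi.repository.cassandra.pojo.UserRole> rows =
            getUserRoleList(username, Optional.ofNullable(applicationName));
    if (rows.isEmpty()) {
        // null signals that no role row was found for this user and application.
        return null;
    }
    if (rows.size() > 1) {
        // Fail closed: taking the first of several rows could hand out the wrong permission set.
        throw new IllegalStateException("More than a single row returned");
    }

    com.intuit.wasabi.repository.cassandra.pojo.UserRole row = rows.get(0);
    if (row.getRole() == null) {
        throw new IllegalStateException("Role cannot be null");
    }

    // NOTE(review): how Role.toRole handles an unrecognised role name is not visible here.
    // Confirm it cannot return null before getRolePermissions() is called on the result.
    return UserPermissions.newInstance(applicationName, Role.toRole(row.getRole()).getRolePermissions())
            .build();
}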
r -> UserRole.newInstance( Application.Name.valueOf(r.getAppName()), Role.toRole(r.getRole())
/**
 * Converts a stored role row into the domain {@code UserRole}, adding first name, last name
 * and e-mail when a user record is found for the row's user id.
 *
 * @param userRole role row read from the repository
 * @return the role for the row's application and user; without name and e-mail when
 *         {@code getUserInfo} returns {@code null}
 */
private UserRole getRoleWithUserInfo(com.intuit.wasabi.repository.cassandra.pojo.UserRole userRole) {
    LOGGER.debug("Getting user info for user role={}", userRole);

    // The stored ALL_APPLICATIONS marker stands for the wildcard application name.
    final Application.Name application;
    if (userRole.getAppName().equals(ALL_APPLICATIONS)) {
        application = WILDCARD;
    } else {
        application = Application.Name.valueOf(userRole.getAppName());
    }

    final UserInfo.Username userId = UserInfo.Username.valueOf(userRole.getUserId());
    final UserInfo profile = getUserInfo(userId);
    final Role role = Role.toRole(userRole.getRole());

    final UserRole enriched;
    if (profile == null) {
        // No user record: return the role with the user id only.
        enriched = UserRole.newInstance(application, role)
                .withUserID(userId)
                .build();
    } else {
        enriched = UserRole.newInstance(application, role)
                .withUserID(userId)
                .withFirstName(profile.getFirstName())
                .withLastName(profile.getLastName())
                .withUserEmail(profile.getEmail())
                .build();
    }

    // NOTE(review): the result may carry name and e-mail. Confirm what UserRole.toString()
    // prints before enabling debug logging where logs are widely readable.
    LOGGER.debug("Role with user info for user role={} is {}", userRole, enriched);
    return enriched;
}
/**
 * Builds the domain {@code UserRole} for an application role entry, filling in the user's
 * e-mail, first name and last name.
 *
 * <p>User details come from {@code getUserInfo}; when that returns {@code null} the method
 * falls back to {@code lookupUser}.
 *
 * @param applicationName application the role belongs to
 * @param appRole         role entry holding the role name and the user id
 * @return the role enriched with the user's details
 */
UserRole convertAppRoleToUserRole(Application.Name applicationName, AppRole appRole) {
    final Role grantedRole = Role.toRole(appRole.getRole());
    final UserInfo.Username userName = UserInfo.Username.valueOf(appRole.getUserId());

    final UserInfo stored = getUserInfo(userName);
    // NOTE(review): lookupUser's contract is not visible here. If it can also return null,
    // the getters below throw a NullPointerException. Confirm against its implementation.
    final UserInfo profile = (stored != null) ? stored : lookupUser(userName);

    return UserRole.newInstance(applicationName, grantedRole)
            .withUserID(userName)
            .withUserEmail(profile.getEmail())
            .withFirstName(profile.getFirstName())
            .withLastName(profile.getLastName())
            .build();
}