@Override public void checkPermission(String moduleName, Action action) { getAllowedActions(moduleName) .map((allowed) -> { allowed.checkPermission(action); return null; }) .orElseThrow(() -> new AccessControlException("No actions are defined for a madule named: " + moduleName)); }
@Override public void checkPermission(String moduleName, Set<Action> actions) { this.metadata.read(() -> { return this.actionsProvider.getAllowedActions(moduleName) .map((allowed) -> { allowed.checkPermission(actions); return moduleName; }) .<AccessControlException>orElseThrow(() -> new AccessControlException("No actions are defined for the module named: " + moduleName)); }); }
@Override public List<Project> getMyEditableProjects() { UsernamePrincipal user = JcrMetadataAccess.getActiveUser(); logger.debug("user={}", user); List<Project> projects = getProjects(); return projects.stream() .filter(prj -> { try { prj.getAllowedActions().checkPermission(ProjectAccessControl.EDIT_PROJECT); return true; } catch (AccessControlException ace) { return false; } }).collect(Collectors.toList()); }
@Override public void deleteProject(Project domain) { if (accessController.isEntityAccessControlled()) { domain.getAllowedActions().checkPermission(ProjectAccessControl.DELETE_PROJECT); } super.delete(domain); }
@Override public Category update(Category category) { if (accessController.isEntityAccessControlled()) { category.getAllowedActions().checkPermission(CategoryAccessControl.EDIT_DETAILS); } return super.update(category); }
@Override public void setDeployed(ID feedId, EntityVersion.ID versionId) { final JcrFeed feed = (JcrFeed) super.findById(feedId); if (feed != null) { if (accessController.isEntityAccessControlled()) { // TODO: Add deploy feed action? feed.getAllowedActions().checkPermission(FeedAccessControl.EDIT_DETAILS); } findVersion(feedId, versionId, false) .map(JcrEntityVersion.class::cast) .map(JcrEntityVersion::getVersion) .ifPresent(version -> { feed.setDeployedVersion(version); }); } else { throw new FeedNotFoundException(feedId); } }
public boolean deleteTemplate(FeedManagerTemplate feedManagerTemplate) throws TemplateDeletionException { if (feedManagerTemplate != null && (feedManagerTemplate.getFeeds() == null || feedManagerTemplate.getFeeds().size() == 0)) { feedManagerTemplate.getAllowedActions().checkPermission(TemplateAccessControl.DELETE); addPostFeedChangeAction(feedManagerTemplate, ChangeType.DELETE); super.delete(feedManagerTemplate); return true; } else { throw new TemplateDeletionException(feedManagerTemplate.getName(), feedManagerTemplate.getId().toString(), "There are still feeds assigned to this template."); } }
@Override public void delete(Feed feed) { if (accessController.isEntityAccessControlled()) { feed.getAllowedActions().checkPermission(FeedAccessControl.DELETE); } addPostFeedChangeAction(feed, ChangeType.DELETE); // Remove dependent feeds final Node node = ((JcrFeed) feed).getNode(); feed.getDependentFeeds().forEach(dep -> feed.removeDependentFeed((JcrFeed) dep)); JcrMetadataAccess.getAutoCheckinNodes().removeIf(node::equals); // Remove destinations and sources ((JcrFeed) feed).removeFeedDestinations(); ((JcrFeed) feed).removeFeedSources(); // Delete feed FeedManagerTemplate template = feed.getTemplate(); if (template != null) { template.removeFeed(feed); } // Remove all Ops access control entries this.opsAccessProvider.revokeAllAccess(feed.getId()); super.delete(feed); }
@Override public boolean enableFeed(Feed.ID id) { Feed feed = getFeed(id); if (accessController.isEntityAccessControlled()) { feed.getAllowedActions().checkPermission(FeedAccessControl.ENABLE_DISABLE); } if (!feed.getState().equals(Feed.State.ENABLED)) { feed.setState(Feed.State.ENABLED); //Enable any SLAs on this feed List<ServiceLevelAgreement> serviceLevelAgreements = feed.getServiceLevelAgreements(); if (serviceLevelAgreements != null) { for (ServiceLevelAgreement sla : serviceLevelAgreements) { JcrServiceLevelAgreement jcrSla = (JcrServiceLevelAgreement) sla; jcrSla.enable(); } } return true; } return false; }
@Override public boolean disableFeed(Feed.ID id) { Feed feed = getFeed(id); if (accessController.isEntityAccessControlled()) { feed.getAllowedActions().checkPermission(FeedAccessControl.ENABLE_DISABLE); } if (!feed.getState().equals(Feed.State.DISABLED)) { feed.setState(Feed.State.DISABLED); //disable any SLAs on this feed List<ServiceLevelAgreement> serviceLevelAgreements = feed.getServiceLevelAgreements(); if (serviceLevelAgreements != null) { for (ServiceLevelAgreement sla : serviceLevelAgreements) { JcrServiceLevelAgreement jcrSla = (JcrServiceLevelAgreement) sla; jcrSla.disabled(); } } return true; } return false; }