@Deprecated @Override public List<SecurityRule> findGroupSecurityRule(List<String> groupNames, long resourceId) { Search searchCriteria = new Search(Resource.class); searchCriteria.addField("security"); Filter securityFilter = Filter.some("security", Filter.equal("resource.id", resourceId)); //Advanced filters Filters doesn't work, I don't know why... // Filter securityFilter = Filter.some( // "security", // Filter.and(Filter.equal("resource.id", resourceId), // Filter.in("group.groupName", groupNames), // Filter.isNotEmpty("group"))); searchCriteria.addFilter(securityFilter); List<SecurityRule> rules = super.search(searchCriteria); //WORKAROUND List<SecurityRule> filteredRules = new ArrayList<SecurityRule>(); for(SecurityRule sr : rules){ if(sr.getGroup() != null && groupNames.contains(sr.getGroup().getGroupName())){ filteredRules.add(sr); } } return filteredRules; }
@Override public List<SecurityRule> findGroupSecurityRule(List<String> userGroups, long resourceId) { Search searchCriteria = new Search(StoredData.class); //get all the security rules searchCriteria.addField("resource.security"); Filter securityFilter = Filter.some( "resource.security",Filter.equal("resource.security.resource.id", resourceId) ); searchCriteria.addFilter(securityFilter); List<SecurityRule> rules = super.search(searchCriteria); //WORKAROUND (See ResourceDAOImpl) List<SecurityRule> filteredRules = new ArrayList<SecurityRule>(); for(SecurityRule sr : rules){ if(sr.getGroup() != null && userGroups.contains(sr.getGroup().getGroupName())){ filteredRules.add(sr); } } return filteredRules; }
public RESTSecurityRule(SecurityRule rule) { if(rule.getUser() != null) { User ruleUser = rule.getUser(); user = new RESTUser(); user.setId(ruleUser.getId()); user.setName(ruleUser.getName()); } if(rule.getGroup() != null) { UserGroup ruleGroup = rule.getGroup(); group = new RESTUserGroup(); group.setId(ruleGroup.getId()); group.setGroupName(ruleGroup.getGroupName()); } canRead = rule.isCanRead(); canWrite = rule.isCanWrite(); }
@Override public void updateSecurityRules(long id, List<SecurityRule> rules) throws BadRequestServiceEx, InternalErrorServiceEx, NotFoundServiceEx { Resource resource = resourceDAO.find(id); if (resource != null) { Search searchCriteria = new Search(); searchCriteria.addFilterEqual("resource.id", id); List<SecurityRule> resourceRules = this.securityDAO.search(searchCriteria); // remove previous rules for (SecurityRule rule : resourceRules) { securityDAO.remove(rule); } // insert new rules for (SecurityRule rule : rules) { rule.setResource(resource); //Retrieve from db the entity usergroup, if the securityrule is related to a group if (rule.getGroup() != null) { UserGroup ug = userGroupDAO.find(rule.getGroup().getId()); if (ug == null) { throw new InternalErrorServiceEx("The usergroup having the provided Id doesn't exist"); } rule.setGroup(ug); } securityDAO.persist(rule); } } else { throw new NotFoundServiceEx("Resource not found " + id); } }
for (SecurityRule rule : resource.getSecurity()) { User owner = rule.getUser(); UserGroup userGroup = rule.getGroup(); if (owner != null) { if (owner.getId().equals(authUser.getId())) {