public static String[] getNamesForPermissions(Authorization authorization, Permission[] permissions) { int type = authorization.getAuthorizationType(); // special case all permissions are granted if ((type == Authorization.AUTH_TYPE_GLOBAL || type == Authorization.AUTH_TYPE_GRANT) && authorization.isEveryPermissionGranted()) { return new String[] { Permissions.ALL.getName() }; } // special case all permissions are revoked if (type == Authorization.AUTH_TYPE_REVOKE && authorization.isEveryPermissionRevoked()) { return new String[] { Permissions.ALL.getName() }; } List<String> names = new ArrayList<String>(); for (Permission permission : permissions) { String name = permission.getName(); // filter NONE and ALL from permissions array if (!name.equals(Permissions.NONE.getName()) && !name.equals(Permissions.ALL.getName())) { names.add(name); } } return names.toArray(new String[names.size()]); }
public static String[] getNamesForPermissions(Authorization authorization, Permission[] permissions) { int type = authorization.getAuthorizationType(); // special case all permissions are granted if ((type == Authorization.AUTH_TYPE_GLOBAL || type == Authorization.AUTH_TYPE_GRANT) && authorization.isEveryPermissionGranted()) { return new String[] { Permissions.ALL.getName() }; } // special case all permissions are revoked if (type == Authorization.AUTH_TYPE_REVOKE && authorization.isEveryPermissionRevoked()) { return new String[] { Permissions.ALL.getName() }; } List<String> names = new ArrayList<String>(); for (Permission permission : permissions) { String name = permission.getName(); // filter NONE and ALL from permissions array if (!name.equals(Permissions.NONE.getName()) && !name.equals(Permissions.ALL.getName())) { names.add(name); } } return names.toArray(new String[names.size()]); }
public String toString() { StringBuilder sb = new StringBuilder(); sb.append("[Resource: "); sb.append(resource); sb.append(", Resource Id: "); sb.append(resourceId); sb.append(", Type: "); sb.append(type); sb.append(", User Id: "); sb.append(userId); sb.append(", Permissions: ["); for (Permission permission : permissions) { sb.append(permission.getName()); sb.append(", "); } sb.append("]]"); return sb.toString(); } }
public void validateResourceCompatibility(AuthorizationEntity authorization) { int resourceType = authorization.getResourceType(); Set<Permission> permissionSet = authorization.getCachedPermissions(); for (Permission permission : permissionSet) { if (!ResourceTypeUtil.resourceIsContainedInArray(resourceType, permission.getTypes())) { throw LOG.invalidResourceForAuthorization(resourceType, permission.getName()); } } }
public void validateResourceCompatibility(AuthorizationEntity authorization) { int resourceType = authorization.getResourceType(); Set<Permission> permissionSet = authorization.getCachedPermissions(); for (Permission permission : permissionSet) { if (!ResourceTypeUtil.resourceIsContainedInArray(resourceType, permission.getTypes())) { throw LOG.invalidResourceForAuthorization(resourceType, permission.getName()); } } }
public void checkAuthorization(CompositePermissionCheck compositePermissionCheck) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); String userId = currentAuthentication.getUserId(); boolean isAuthorized = isAuthorized(compositePermissionCheck); if (!isAuthorized) { List<MissingAuthorization> missingAuthorizations = new ArrayList<MissingAuthorization>(); for (PermissionCheck check: compositePermissionCheck.getAllPermissionChecks()) { missingAuthorizations.add(new MissingAuthorization( check.getPermission().getName(), check.getResource().resourceName(), check.getResourceId())); } throw new AuthorizationException(userId, missingAuthorizations); } } }
public void checkAuthorization(CompositePermissionCheck compositePermissionCheck) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); String userId = currentAuthentication.getUserId(); boolean isAuthorized = isAuthorized(compositePermissionCheck); if (!isAuthorized) { List<MissingAuthorization> missingAuthorizations = new ArrayList<MissingAuthorization>(); for (PermissionCheck check: compositePermissionCheck.getAllPermissionChecks()) { missingAuthorizations.add(new MissingAuthorization( check.getPermission().getName(), check.getResource().resourceName(), check.getResourceId())); } throw new AuthorizationException(userId, missingAuthorizations); } } }
public void checkAuthorization(List<PermissionCheck> permissionChecks) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); String userId = currentAuthentication.getUserId(); boolean isAuthorized = isAuthorized(userId, currentAuthentication.getGroupIds(), permissionChecks); if (!isAuthorized) { List<MissingAuthorization> missingAuthorizations = new ArrayList<MissingAuthorization>(); for (PermissionCheck check: permissionChecks) { missingAuthorizations.add(new MissingAuthorization( check.getPermission().getName(), check.getResource().resourceName(), check.getResourceId())); } throw new AuthorizationException(userId, missingAuthorizations); } } }
public void checkAuthorization(List<PermissionCheck> permissionChecks) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); String userId = currentAuthentication.getUserId(); boolean isAuthorized = isAuthorized(userId, currentAuthentication.getGroupIds(), permissionChecks); if (!isAuthorized) { List<MissingAuthorization> missingAuthorizations = new ArrayList<MissingAuthorization>(); for (PermissionCheck check: permissionChecks) { missingAuthorizations.add(new MissingAuthorization( check.getPermission().getName(), check.getResource().resourceName(), check.getResourceId())); } throw new AuthorizationException(userId, missingAuthorizations); } } }
@Override public void checkAuthorization(Permission permission, Resource resource, String resourceId) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); boolean isAuthorized = isAuthorized(currentAuthentication.getUserId(), currentAuthentication.getGroupIds(), permission, resource, resourceId); if (!isAuthorized) { throw new AuthorizationException( currentAuthentication.getUserId(), permission.getName(), resource.resourceName(), resourceId); } } }
@Override public void checkAuthorization(Permission permission, Resource resource, String resourceId) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); boolean isAuthorized = isAuthorized(currentAuthentication.getUserId(), currentAuthentication.getGroupIds(), permission, resource, resourceId); if (!isAuthorized) { throw new AuthorizationException( currentAuthentication.getUserId(), permission.getName(), resource.resourceName(), resourceId); } } }
public boolean isAuthorized(String userId, List<String> groupIds, CompositePermissionCheck compositePermissionCheck) { for (PermissionCheck permissionCheck : compositePermissionCheck.getAllPermissionChecks()) { if (!isResourceValidForPermission(permissionCheck)) { throw LOG.invalidResourceForPermission(permissionCheck.getResource().resourceName(), permissionCheck.getPermission().getName()); } } List<String> filteredGroupIds = filterAuthenticatedGroupIds(groupIds); boolean isRevokeAuthorizationCheckEnabled = isRevokeAuthCheckEnabled(userId, groupIds); AuthorizationCheck authCheck = new AuthorizationCheck(userId, filteredGroupIds, compositePermissionCheck, isRevokeAuthorizationCheckEnabled); return getDbEntityManager().selectBoolean("isUserAuthorizedForResource", authCheck); }
public boolean isAuthorized(String userId, List<String> groupIds, CompositePermissionCheck compositePermissionCheck) { for (PermissionCheck permissionCheck : compositePermissionCheck.getAllPermissionChecks()) { if (!isResourceValidForPermission(permissionCheck)) { throw LOG.invalidResourceForPermission(permissionCheck.getResource().resourceName(), permissionCheck.getPermission().getName()); } } List<String> filteredGroupIds = filterAuthenticatedGroupIds(groupIds); boolean isRevokeAuthorizationCheckEnabled = isRevokeAuthCheckEnabled(userId, groupIds); AuthorizationCheck authCheck = new AuthorizationCheck(userId, filteredGroupIds, compositePermissionCheck, isRevokeAuthorizationCheckEnabled); return getDbEntityManager().selectBoolean("isUserAuthorizedForResource", authCheck); }
public boolean isAuthorized(String userId, List<String> groupIds, List<PermissionCheck> permissionChecks) { if(!isAuthorizationEnabled()) { return true; } for (PermissionCheck permissionCheck : permissionChecks) { if (!isResourceValidForPermission(permissionCheck)) { throw LOG.invalidResourceForPermission(permissionCheck.getResource().resourceName(), permissionCheck.getPermission().getName()); } } List<String> filteredGroupIds = filterAuthenticatedGroupIds(groupIds); boolean isRevokeAuthorizationCheckEnabled = isRevokeAuthCheckEnabled(userId, groupIds); AuthorizationCheck authCheck = new AuthorizationCheck(userId, filteredGroupIds, permissionChecks, isRevokeAuthorizationCheckEnabled); return getDbEntityManager().selectBoolean("isUserAuthorizedForResource", authCheck); }
public boolean isAuthorized(String userId, List<String> groupIds, List<PermissionCheck> permissionChecks) { if(!isAuthorizationEnabled()) { return true; } for (PermissionCheck permissionCheck : permissionChecks) { if (!isResourceValidForPermission(permissionCheck)) { throw LOG.invalidResourceForPermission(permissionCheck.getResource().resourceName(), permissionCheck.getPermission().getName()); } } List<String> filteredGroupIds = filterAuthenticatedGroupIds(groupIds); boolean isRevokeAuthorizationCheckEnabled = isRevokeAuthCheckEnabled(userId, groupIds); AuthorizationCheck authCheck = new AuthorizationCheck(userId, filteredGroupIds, permissionChecks, isRevokeAuthorizationCheckEnabled); return getDbEntityManager().selectBoolean("isUserAuthorizedForResource", authCheck); }
protected static MissingAuthorization asMissingAuthorization(Authorization authorization) { String permissionName = null; String resourceId = null; String resourceName = null; Permission[] permissions = AuthorizationTestUtil.getPermissions(authorization); for (Permission permission : permissions) { if (permission.getValue() != Permissions.NONE.getValue()) { permissionName = permission.getName(); break; } } if (!Authorization.ANY.equals(authorization.getResourceId())) { // missing ANY authorizations are not explicitly represented in the error message resourceId = authorization.getResourceId(); } Resource resource = AuthorizationTestUtil.getResourceByType(authorization.getResourceType()); resourceName = resource.resourceName(); return new MissingAuthorization(permissionName, resourceName, resourceId); }
for (Permission permission : permissions) { if (permission.getValue() != Permissions.NONE.getValue()) { Assert.assertTrue(assertionFailureMessage, message.contains(permission.getName())); break;
public void checkAuthorization(List<PermissionCheck> permissionChecks) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); String userId = currentAuthentication.getUserId(); boolean isAuthorized = isAuthorized(userId, currentAuthentication.getGroupIds(), permissionChecks); if (!isAuthorized) { List<MissingAuthorization> missingAuthorizations = new ArrayList<MissingAuthorization>(); for (PermissionCheck check: permissionChecks) { missingAuthorizations.add(new MissingAuthorization( check.getPermission().getName(), check.getResource().resourceName(), check.getResourceId())); } throw new AuthorizationException(userId, missingAuthorizations); } } }
public void checkAuthorization(CompositePermissionCheck compositePermissionCheck) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); String userId = currentAuthentication.getUserId(); boolean isAuthorized = isAuthorized(compositePermissionCheck); if (!isAuthorized) { List<MissingAuthorization> missingAuthorizations = new ArrayList<MissingAuthorization>(); for (PermissionCheck check: compositePermissionCheck.getAllPermissionChecks()) { missingAuthorizations.add(new MissingAuthorization( check.getPermission().getName(), check.getResource().resourceName(), check.getResourceId())); } throw new AuthorizationException(userId, missingAuthorizations); } } }
@Override public void checkAuthorization(Permission permission, Resource resource, String resourceId) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); boolean isAuthorized = isAuthorized(currentAuthentication.getUserId(), currentAuthentication.getGroupIds(), permission, resource, resourceId); if (!isAuthorized) { throw new AuthorizationException( currentAuthentication.getUserId(), permission.getName(), resource.resourceName(), resourceId); } } }