private void putAllSubjects(final PolicyEntry policyEntry) { final Subjects entrySubjects = policyEntry.getSubjects(); final Map<SubjectId, Subject> subjectsMap = new LinkedHashMap<>(entrySubjects.getSize()); entrySubjects.forEach(entrySubject -> subjectsMap.put(entrySubject.getId(), entrySubject)); subjects.put(policyEntry.getLabel(), subjectsMap); }
@Override public Optional<EffectedPermissions> getEffectedPermissionsFor(final CharSequence label, final SubjectId subjectId, final ResourceKey resourceKey) { final Label lbl = Label.of(label); Optional<EffectedPermissions> result = Optional.empty(); final PolicyEntry policyEntry = entries.get(lbl); if (null != policyEntry) { final Subjects subjects = policyEntry.getSubjects(); final Optional<Subject> subjectOptional = subjects.getSubject(subjectId); if (subjectOptional.isPresent()) { final Resources resources = policyEntry.getResources(); result = resources.getResource(resourceKey).map(Resource::getEffectedPermissions); } } return result; }
static PolicyEntry substitutePolicyEntry(final PolicyEntry existingPolicyEntry, final HeaderBasedPlaceholderSubstitutionAlgorithm substitutionAlgorithm, final DittoHeaders dittoHeaders) { final Subjects existingSubjects = existingPolicyEntry.getSubjects(); final Subjects substitutedSubjects = substituteSubjects(existingSubjects, substitutionAlgorithm, dittoHeaders); final PolicyEntry resultEntry; if (existingSubjects.equals(substitutedSubjects)) { resultEntry = existingPolicyEntry; } else { resultEntry = PolicyEntry.newInstance(existingPolicyEntry.getLabel(), substitutedSubjects, existingPolicyEntry.getResources()); } return resultEntry; }
@Override public Policy removeSubjectFor(final CharSequence label, final SubjectId subjectId) { final Label lbl = Label.of(label); Policy result = this; final PolicyEntry existingPolicyEntry = entries.get(lbl); if (null != existingPolicyEntry) { final Subjects existingSubjects = existingPolicyEntry.getSubjects(); final Subjects newSubjects = existingSubjects.removeSubject(subjectId); if (!Objects.equals(existingSubjects, newSubjects)) { final Map<Label, PolicyEntry> entriesCopy = copyEntries(); entriesCopy.put(lbl, newPolicyEntry(lbl, newSubjects, existingPolicyEntry.getResources())); result = new ImmutablePolicy(policyId, entriesCopy, lifecycle, revision, modified); } } return result; }
@Override public Policy removeResourceFor(final CharSequence label, final ResourceKey resourceKey) { final Label lbl = Label.of(label); Policy result = this; final PolicyEntry existingEntry = entries.get(lbl); if (null != existingEntry) { final Resources existingResources = existingEntry.getResources(); final Resources newResources = existingResources.removeResource(resourceKey); if (!Objects.equals(existingResources, newResources)) { final Map<Label, PolicyEntry> entriesCopy = copyEntries(); entriesCopy.put(lbl, newPolicyEntry(lbl, existingEntry.getSubjects(), newResources)); result = new ImmutablePolicy(policyId, entriesCopy, lifecycle, revision, modified); } } return result; }
@Override protected void doApply(final RetrieveSubjects command) { final Optional<PolicyEntry> optionalEntry = policy.getEntryFor(command.getLabel()); if (optionalEntry.isPresent()) { final RetrieveSubjectsResponse response = RetrieveSubjectsResponse.of(policyId, command.getLabel(), optionalEntry.get().getSubjects(), command.getDittoHeaders()); sendSuccessResponse(command, response); } else { policyEntryNotFound(command.getLabel(), command.getDittoHeaders()); } }
@Override protected void doApply(final RetrieveSubjects command) { final Optional<PolicyEntry> optionalEntry = policy.getEntryFor(command.getLabel()); if (optionalEntry.isPresent()) { final RetrieveSubjectsResponse response = RetrieveSubjectsResponse.of(policyId, command.getLabel(), optionalEntry.get().getSubjects(), command.getDittoHeaders()); sendSuccessResponse(command, response); } else { policyEntryNotFound(command.getLabel(), command.getDittoHeaders()); } }
@Override public Policy setResourcesFor(final CharSequence label, final Resources resources) { final Label lbl = Label.of(label); checkNotNull(resources, "resources to set to the Policy entry"); final Map<Label, PolicyEntry> entriesCopy = copyEntries(); final PolicyEntry policyEntry = entriesCopy.get(lbl); final PolicyEntry modifiedEntry; if (null == policyEntry) { modifiedEntry = newPolicyEntry(lbl, PoliciesModelFactory.emptySubjects(), resources); } else { modifiedEntry = newPolicyEntry(lbl, policyEntry.getSubjects(), resources); } entriesCopy.put(lbl, modifiedEntry); return new ImmutablePolicy(policyId, entriesCopy, lifecycle, revision, modified); }
public PolicyAssert doesNotHaveSubjectFor(final Label label, final SubjectId subjectId) { isNotNull(); hasLabel(label); final PolicyEntry policyEntry = actual.getEntryFor(label).get(); assertThat(policyEntry.getSubjects().getSubject(subjectId)).isEmpty() // .overridingErrorMessage( "Expected Label <%s> to NOT contain Subject for SubjectId \n<%s> " + "but it did: \n<%s>", label, subjectId, policyEntry.getSubjects()); return this; }
@Override public Policy setResourceFor(final CharSequence label, final Resource resource) { final Label lbl = Label.of(label); checkNotNull(resource, "resource to set to the Policy entry"); final Map<Label, PolicyEntry> entriesCopy = copyEntries(); final PolicyEntry modifiedEntry; if (!entriesCopy.containsKey(lbl)) { modifiedEntry = newPolicyEntry(label, PoliciesModelFactory.emptySubjects(), newResources(resource)); } else { final PolicyEntry policyEntry = entriesCopy.get(lbl); final Resources modifiedResources = policyEntry.getResources().setResource(resource); modifiedEntry = newPolicyEntry(label, policyEntry.getSubjects(), modifiedResources); } entriesCopy.put(lbl, modifiedEntry); return new ImmutablePolicy(policyId, entriesCopy, lifecycle, revision, modified); }
@Override public Policy setSubjectFor(final CharSequence label, final Subject subject) { final Label lbl = Label.of(label); checkNotNull(subject, "subject to set to the Policy entry"); final Policy result; final PolicyEntry existingPolicyEntry = entries.get(lbl); if (null != existingPolicyEntry) { final Subjects existingSubjects = existingPolicyEntry.getSubjects(); final Subjects newSubjects = existingSubjects.setSubject(subject); if (!Objects.equals(existingSubjects, newSubjects)) { final Map<Label, PolicyEntry> entriesCopy = copyEntries(); entriesCopy.put(lbl, newPolicyEntry(lbl, newSubjects, existingPolicyEntry.getResources())); result = new ImmutablePolicy(policyId, entriesCopy, lifecycle, revision, modified); } else { result = this; } } else { result = setSubjectsFor(label, Subjects.newInstance(subject)); } return result; }
public PolicyAssert hasSubjectFor(final Label label, final SubjectId subjectId) { isNotNull(); hasLabel(label); final PolicyEntry policyEntry = actual.getEntryFor(label).get(); assertThat(policyEntry.getSubjects().getSubject(subjectId)).isPresent() // .overridingErrorMessage( "Expected Label <%s> to contain Subject for SubjectId \n<%s> " + "but did not: \n<%s>", label, subjectId, policyEntry.getSubjects()); return this; }
@Override protected void doApply(final RetrieveSubject command) { final Optional<PolicyEntry> optionalEntry = policy.getEntryFor(command.getLabel()); if (optionalEntry.isPresent()) { final PolicyEntry policyEntry = optionalEntry.get(); final Optional<Subject> optionalSubject = policyEntry.getSubjects().getSubject(command.getSubjectId()); if (optionalSubject.isPresent()) { final RetrieveSubjectResponse response = RetrieveSubjectResponse.of(policyId, command.getLabel(), optionalSubject.get(), command.getDittoHeaders()); sendSuccessResponse(command, response); } else { subjectNotFound(command.getLabel(), command.getSubjectId(), command.getDittoHeaders()); } } else { policyEntryNotFound(command.getLabel(), command.getDittoHeaders()); } }
@Override protected void doApply(final RetrieveSubject command) { final Optional<PolicyEntry> optionalEntry = policy.getEntryFor(command.getLabel()); if (optionalEntry.isPresent()) { final PolicyEntry policyEntry = optionalEntry.get(); final Optional<Subject> optionalSubject = policyEntry.getSubjects().getSubject(command.getSubjectId()); if (optionalSubject.isPresent()) { final RetrieveSubjectResponse response = RetrieveSubjectResponse.of(policyId, command.getLabel(), optionalSubject.get(), command.getDittoHeaders()); sendSuccessResponse(command, response); } else { subjectNotFound(command.getLabel(), command.getSubjectId(), command.getDittoHeaders()); } } else { policyEntryNotFound(command.getLabel(), command.getDittoHeaders()); } }
public PolicyAssert hasSubjectTypeFor(final Label label, final SubjectId subjectId, final SubjectType expectedSubjectType) { isNotNull(); hasSubjectFor(label, subjectId); final Subject subject = actual.getEntryFor(label).get().getSubjects().getSubject(subjectId).get(); assertThat(subject.getType()).isEqualTo(expectedSubjectType) // .overridingErrorMessage( "Expected Label <%s> to contain for SubjectId <%s> SubjectType " + "\n<%s> but did not: \n<%s>", label, subjectId, expectedSubjectType, subject.getType()); return this; }
policyEntry.getSubjects().forEach(subject -> { final PolicyTreeNode parentNode = Optional.ofNullable(tree.get(subject.getId().toString())). orElseGet(() -> {
if (optionalEntry.isPresent()) { final PolicyEntry policyEntry = optionalEntry.get(); if (policyEntry.getSubjects().getSubject(subjectId).isPresent()) { final PoliciesValidator validator = PoliciesValidator.newInstance(policy.removeSubjectFor(label, subjectId));
final ModifySubjectResponse response; if (policyEntry.getSubjects().getSubject(subject.getId()).isPresent()) { response = ModifySubjectResponse.modified(policyId, label, dittoHeaders); eventToPersist =
final ModifySubjectResponse response; if (policyEntry.getSubjects().getSubject(subject.getId()).isPresent()) { response = ModifySubjectResponse.modified(policyId, label, dittoHeaders); eventToPersist =
private void addPolicyEntry(final PolicyEntry policyEntry) { final Collection<String> subjectIds = getSubjectIds(policyEntry.getSubjects()); policyEntry.getResources().forEach(resource -> { final PolicyTrie target = seekOrCreate(getJsonKeyIterator(resource.getResourceKey())); final EffectedPermissions effectedPermissions = resource.getEffectedPermissions(); target.grant(subjectIds, effectedPermissions.getGrantedPermissions()); target.revoke(subjectIds, effectedPermissions.getRevokedPermissions()); }); }