/** * Generate the field name term for the field name for filters */ private NestedFilterBuilder fieldNameTerm( final String fieldName, final FilterBuilder fieldValueBuilder ) { final BoolFilterBuilder booleanQuery = FilterBuilders.boolFilter(); booleanQuery.must( FilterBuilders.termFilter( IndexingUtils.FIELD_NAME_NESTED, fieldName ) ); booleanQuery.must( fieldValueBuilder ); return FilterBuilders.nestedFilter( IndexingUtils.ENTITY_FIELDS, booleanQuery ); }
/** * Delete a groupRoles entry (groupId) in all ISecuredResource object * * @param groupId group id to remove in groupRoles * @throws ClassNotFoundException * @throws IOException */ private void deleteGroupRoles(String groupId) throws ClassNotFoundException, IOException { FilterBuilder resourceFilter = FilterBuilders.nestedFilter("groupRoles", FilterBuilders.termFilter("groupRoles.key", groupId)); deleteRoles(resourceFilter, groupId, new DeleteRoleVisitor() { @Override public void deleteRoleOfOwner(Object[] securedResources, String owner) { deleteRoleOfGroup(securedResources, owner); } }); }
/** * Delete a userRoles entry (userId) in all ISecuredResource object * * @param userId user id (username) to remove in userRoles * @throws ClassNotFoundException * @throws IOException */ private void deleteUserRoles(String userId) throws ClassNotFoundException, IOException { FilterBuilder resourceFilter = FilterBuilders.nestedFilter("userRoles", FilterBuilders.termFilter("userRoles.key", userId)); deleteRoles(resourceFilter, userId, new DeleteRoleVisitor() { @Override public void deleteRoleOfOwner(Object[] securedResources, String owner) { deleteRoleOfUser(securedResources, owner); } }); }
private void deleteApplicationPermissionOn(String applicationId, Class<?>... resourceClasses) throws IOException, ClassNotFoundException { FilterBuilder resourceFilter = FilterBuilders.nestedFilter("applicationPermissions", FilterBuilders.termFilter("applicationPermissions.key", applicationId)); deletePermissions(resourceFilter, applicationId, ((resource, subjectId) -> resourcePermissionService.revokePermission(resource, Subject.APPLICATION, subjectId)), resourceClasses); }
private void deleteEnvironmentPermissionOn(String environmentId, Class<?>... resourceClasses) throws IOException, ClassNotFoundException { FilterBuilder resourceFilter = FilterBuilders.nestedFilter("environmentPermissions", FilterBuilders.termFilter("environmentPermissions.key", environmentId)); deletePermissions(resourceFilter, environmentId, ((resource, subjectId) -> resourcePermissionService.revokePermission(resource, Subject.ENVIRONMENT, subjectId)), resourceClasses); }
private void deleteUserPermissionOn(String username, Class<?>... resourceClasses) throws IOException, ClassNotFoundException { FilterBuilder resourceFilter = FilterBuilders.nestedFilter("userPermissions", FilterBuilders.termFilter("userPermissions.key", username)); deletePermissions(resourceFilter, username, ((resource, subjectId) -> resourcePermissionService.revokePermission(resource, Subject.USER, subjectId)), resourceClasses); }
private void deleteGroupPermissionOn(String groupId, Class<?>... resourceClasses) throws IOException, ClassNotFoundException { FilterBuilder resourceFilter = FilterBuilders.nestedFilter("groupPermissions", FilterBuilders.termFilter("groupPermissions.key", groupId)); deletePermissions(resourceFilter, groupId, ((resource, subjectId) -> resourcePermissionService.revokePermission(resource, Subject.GROUP, subjectId)), resourceClasses); }
private void deleteEnvironmentTypePermissionOn(String environmentId, Class<?>... resourceClasses) throws IOException, ClassNotFoundException { FilterBuilder resourceFilter = FilterBuilders.nestedFilter("environmentTypePermissions", FilterBuilders.termFilter("environmentTypePermissions.key", environmentId)); deletePermissions(resourceFilter, environmentId, ((resource, subjectId) -> resourcePermissionService.revokePermission(resource, Subject.ENVIRONMENT_TYPE, subjectId)), resourceClasses); }
/** * Add a filter that check for authorizations on resources * Takes also in account the ALL_USER group */ public static FilterBuilder getResourceAuthorizationFilters() { final Authentication auth = SecurityContextHolder.getContext().getAuthentication(); if (auth.getAuthorities().contains(new SimpleGrantedAuthority(Role.ADMIN.toString()))) { return null; } FilterBuilder filterBuilder; User user = (User) auth.getPrincipal(); if (user.getGroups() != null && !user.getGroups().isEmpty()) { filterBuilder = FilterBuilders.boolFilter() .should(FilterBuilders.nestedFilter("userRoles", FilterBuilders.termFilter("userRoles.key", auth.getName()))) .should(FilterBuilders.nestedFilter("groupRoles", FilterBuilders.inFilter("groupRoles.key", user.getGroups().toArray()))); } else { filterBuilder = FilterBuilders.nestedFilter("userRoles", FilterBuilders.termFilter("userRoles.key", auth.getName())); } Group group = getAllUsersGroup(); if (group != null) { String groupId = group.getId(); // add ALL_USERS group as OR filter filterBuilder = FilterBuilders.orFilter(filterBuilder, FilterBuilders.nestedFilter("groupRoles", FilterBuilders.inFilter("groupRoles.key", groupId))); } return filterBuilder; }
andFilterBuilder.add(FilterBuilders.nestedFilter(SearchDocumentFieldName.SPECIFICATIONS.getFieldName(), getSpecificationsFacetFilterBuilder(searchCriteria))); specificationFilterBuilder = getSpecificationsFilterBuilder(searchCriteria); andFilterBuilder.add(FilterBuilders.nestedFilter(SearchDocumentFieldName.SPECIFICATIONS.getFieldName(), specificationFilterBuilder));
andFilterBuilder.add(FilterBuilders.nestedFilter( SearchDocumentFieldName.SPECIFICATIONS.getFieldName(), getSpecificationsFacetFilterBuilder(searchCriteria))); FilterBuilder specificationFilterBuilder = null; specificationFilterBuilder = getSpecificationsFilterBuilder(searchCriteria); andFilterBuilder.add(FilterBuilders.nestedFilter( SearchDocumentFieldName.SPECIFICATIONS.getFieldName(), specificationFilterBuilder));
NestedFilterBuilder nestedFilterBuilder = FilterBuilders.nestedFilter(SearchDocumentFieldName.SPECIFICATIONS.getFieldName(), FilterBuilders.matchAllFilter()).join(false); TermsFacetBuilder facetFilter = FacetBuilders.termsFacet(facetCode) NestedFilterBuilder nestedFilterBuilder = FilterBuilders.nestedFilter(SearchDocumentFieldName.SPECIFICATIONS.getFieldName(), FilterBuilders.matchAllFilter()).join(false); TermsFacetBuilder facetFilter = FacetBuilders.termsFacet(facetCode)
.nestedFilter( SearchDocumentFieldName.SPECIFICATIONS .getFieldName(), .nestedFilter( SearchDocumentFieldName.SPECIFICATIONS .getFieldName(),