private void appendACL(Collection<? extends ClientApiObject> clientApiObject, Ontology ontology, User user, String workspaceId) { Set<String> privileges = privilegeRepository.getPrivileges(user); for (ClientApiObject apiObject : clientApiObject) { appendACL(apiObject, ontology, privileges, user, workspaceId); } }
public JSONObject toJsonWithAuths(User user) { JSONObject json = toJson(user); JSONArray authorizations = new JSONArray(); for (String a : authorizationRepository.getAuthorizations(user)) { authorizations.put(a); } json.put("authorizations", authorizations); json.put("uiPreferences", user.getUiPreferences()); Set<String> privileges = privilegeRepository.getPrivileges(user); json.put("privileges", Privilege.toJson(privileges)); return json; }
public final ClientApiObject appendACL(ClientApiObject clientApiObject, User user, String workspaceId) { if (user == null) { return clientApiObject; } Set<String> privileges = privilegeRepository.getPrivileges(user); Ontology ontology = ontologyRepository.getOntology(workspaceId); return appendACL(clientApiObject, ontology, privileges, user, workspaceId); }
private void checkCanDeleteProperty( ClientApiElement clientApiElement, OntologyElement ontologyElement, String propertyKey, String propertyName, Ontology ontology, Set<String> privileges, User user, String workspaceId ) throws VisalloAccessDeniedException { boolean canDelete = internalCanDeleteProperty(clientApiElement, ontologyElement, propertyKey, propertyName, ontology, privileges, user, workspaceId); if (!canDelete) { throw new VisalloAccessDeniedException( propertyName + " cannot be deleted due to ACL restriction", user, clientApiElement.getId()); } }
private void checkCanDeleteProperty( Element element, OntologyElement ontologyElement, String propertyKey, String propertyName, Ontology ontology, Set<String> privileges, User user, String workspaceId ) throws VisalloAccessDeniedException { boolean canDelete = internalCanDeleteProperty(element, ontologyElement, propertyKey, propertyName, ontology, privileges, user, workspaceId); if (!canDelete) { throw new VisalloAccessDeniedException(propertyName + " cannot be deleted due to ACL restriction", user, element.getId()); } }
/** * This is different from the non-private method in that it returns authorizations, * long running processes, etc for that user. */ public ClientApiUser toClientApiPrivate(User user) { ClientApiUser u = toClientApi(user); for (String a : authorizationRepository.getAuthorizations(user)) { u.addAuthorization(a); } for (JSONObject json : getLongRunningProcesses(user)) { u.getLongRunningProcesses().add(ClientApiConverter.toClientApiValue(json)); } u.setUiPreferences(JSONUtil.toJsonNode(user.getUiPreferences())); u.getProperties().putAll(user.getCustomProperties()); Set<String> privileges = privilegeRepository.getPrivileges(user); u.getPrivileges().addAll(privileges); return u; }
private void checkCanAddOrUpdateProperty( ClientApiElement clientApiElement, OntologyElement ontologyElement, Ontology ontology, String propertyKey, String propertyName, User user, String workspaceId ) throws VisalloAccessDeniedException { Set<String> privileges = privilegeRepository.getPrivileges(user); boolean isUpdate = clientApiElement.getProperty(propertyKey, propertyName) != null; boolean canAddOrUpdate = isUpdate ? internalCanUpdateProperty(clientApiElement, ontologyElement, propertyKey, propertyName, ontology, privileges, user, workspaceId) : internalCanAddProperty(clientApiElement, ontologyElement, propertyKey, propertyName, ontology, privileges, user, workspaceId); if (!canAddOrUpdate) { throw new VisalloAccessDeniedException( propertyName + " cannot be added or updated due to ACL restriction", user, clientApiElement.getId()); } }
private void checkCanAddOrUpdateProperty( Element element, OntologyElement ontologyElement, String propertyKey, String propertyName, Ontology ontology, Set<String> privileges, User user, String workspaceId ) throws VisalloAccessDeniedException { boolean isUpdate = element.getProperty(propertyKey, propertyName) != null; boolean canAddOrUpdate = isUpdate ? internalCanUpdateProperty(element, ontologyElement, propertyKey, propertyName, ontology, privileges, user, workspaceId) : internalCanAddProperty(element, ontologyElement, propertyKey, propertyName, ontology, privileges, user, workspaceId); if (!canAddOrUpdate) { throw new VisalloAccessDeniedException( propertyName + " cannot be added or updated due to ACL restriction", user, element.getId()); } }
private ClientApiElementAcl elementACL( ClientApiElement clientApiElement, OntologyElement ontologyElement, Ontology ontology, Set<String> privileges, User user, String workspaceId ) { checkNotNull(clientApiElement, "clientApiElement is required"); ClientApiElementAcl elementAcl = new ClientApiElementAcl(); elementAcl.setAddable(true); elementAcl.setUpdateable(internalCanUpdateElement(clientApiElement, ontologyElement, ontology, privileges, user, workspaceId)); elementAcl.setDeleteable(internalCanDeleteElement(clientApiElement, ontologyElement, ontology, privileges, user, workspaceId)); List<ClientApiPropertyAcl> propertyAcls = elementAcl.getPropertyAcls(); if (clientApiElement instanceof ClientApiVertex) { String iri = VisalloProperties.CONCEPT_TYPE.getPropertyValue(clientApiElement); while (iri != null) { Concept concept = ontology == null ? ontologyRepository.getConceptByIRI(iri, workspaceId) : ontology.getConceptByIri(iri); if (concept == null) { LOGGER.warn("Could not find concept: %s", iri); break; } populatePropertyAcls(concept, clientApiElement, ontologyElement, ontology, privileges, user, workspaceId, propertyAcls); iri = concept.getParentConceptIRI(); } } else if (clientApiElement instanceof ClientApiEdge) { String iri = ((ClientApiEdge) clientApiElement).getLabel(); while (iri != null) { Relationship relationship = ontology == null ? ontologyRepository.getRelationshipByIRI(iri, workspaceId) : ontology.getRelationshipByIri(iri);
Set<String> privileges = privilegeRepository.getPrivileges(user); if (!privileges.contains(Privilege.PUBLISH)) { throw new VisalloException("User does not have access to modify the visibility");
Set<String> privileges = privilegeRepository.getPrivileges(user); if (!privileges.contains(Privilege.PUBLISH)) { throw new VisalloException("User does not have access to modify the visibility");