Search in sources :

Example 1 with Ability

use of com.bakdata.conquery.models.auth.permissions.Ability in project conquery by bakdata.

the class UIProcessor method preparePermissionTemplate.

private Map<String, Pair<Set<Ability>, List<Object>>> preparePermissionTemplate() {
    Map<String, Pair<Set<Ability>, List<Object>>> permissionTemplateMap = new HashMap<>();
    // Grab all possible permission types for the "Create Permission" section
    Set<Class<? extends StringPermissionBuilder>> permissionTypes = CPSTypeIdResolver.listImplementations(StringPermissionBuilder.class);
    for (Class<? extends StringPermissionBuilder> permissionType : permissionTypes) {
        try {
            StringPermissionBuilder instance = (StringPermissionBuilder) permissionType.getField("INSTANCE").get(null);
            // Right argument is for possible targets of a specific permission type, but it
            // is left empty for now.
            permissionTemplateMap.put(instance.getDomain(), Pair.of(instance.getAllowedAbilities(), List.of()));
        } catch (IllegalArgumentException | IllegalAccessException | NoSuchFieldException | SecurityException e) {
            log.error("Could not access allowed abilities for permission type: {}", permissionType, e);
        }
    }
    return permissionTemplateMap;
}
Also used : Ability(com.bakdata.conquery.models.auth.permissions.Ability) StringPermissionBuilder(com.bakdata.conquery.models.auth.permissions.StringPermissionBuilder) Pair(org.apache.commons.lang3.tuple.Pair)

Example 2 with Ability

use of com.bakdata.conquery.models.auth.permissions.Ability in project conquery by bakdata.

the class TokenScopedUser method isPermitted.

@Override
public boolean[] isPermitted(List<? extends Authorized> authorized, Ability ability) {
    final EnumSet<Ability> abilitySet = EnumSet.of(ability);
    boolean[] ret = new boolean[authorized.size()];
    for (int i = 0; i < ret.length; i++) {
        Authorized object = authorized.get(i);
        ret[i] = tokenContext.isCoveredByScopes(object.createPermission(abilitySet)) && delegate.isPermitted(object, ability);
    }
    return ret;
}
Also used : Ability(com.bakdata.conquery.models.auth.permissions.Ability) Authorized(com.bakdata.conquery.models.auth.permissions.Authorized)

Aggregations

Ability (com.bakdata.conquery.models.auth.permissions.Ability)2 Authorized (com.bakdata.conquery.models.auth.permissions.Authorized)1 StringPermissionBuilder (com.bakdata.conquery.models.auth.permissions.StringPermissionBuilder)1 Pair (org.apache.commons.lang3.tuple.Pair)1