Example 6 with AbstractSecuredEntity

use of com.epam.pipeline.entity.AbstractSecuredEntity in project cloud-pipeline by epam.

the class GrantPermissionManager method loadAllEntitiesPermissions.

public EntityWithPermissionVO loadAllEntitiesPermissions(AclClass aclClass, Integer page, Integer pageSize, boolean expandGroups, Integer filterMask) {
    EntityWithPermissionVO result = new EntityWithPermissionVO();
    Collection<? extends AbstractSecuredEntity> entities = entityManager.loadAllWithParents(aclClass, page, pageSize);
    Map<AbstractSecuredEntity, List<AclPermissionEntry>> allPermissions = getEntitiesPermissions(entities);
    result.setTotalCount(entityManager.loadTotalCount(aclClass));
    // De-duplicate the loaded entities, order them by id and attach each entity's ACL entries.
    List<EntityPermission> permissions = entities.stream()
            .distinct()
            .sorted(Comparator.comparingLong(BaseEntity::getId))
            .map(entity -> getEntityPermission(allPermissions, entity))
            .collect(toList());
    if (expandGroups) {
        expandGroups(permissions);
        // The mask filter is applied only when groups are expanded.
        if (filterMask != null) {
            permissions.forEach(entry -> {
                // Keep only the entries whose mask has the filterMask bit set.
                Set<AclPermissionEntry> filtered = SetUtils.emptyIfNull(entry.getPermissions()).stream()
                        .filter(permission -> permissionsService.isMaskBitSet(permission.getMask(), filterMask))
                        .collect(toSet());
                entry.setPermissions(filtered);
            });
        }
    }
    result.setEntityPermissions(permissions);
    return result;
}
Also used : Autowired(org.springframework.beans.factory.annotation.Autowired) EntityEventServiceManager(com.epam.pipeline.manager.event.EntityEventServiceManager) StringUtils(org.apache.commons.lang3.StringUtils) PermissionGrantVO(com.epam.pipeline.controller.vo.PermissionGrantVO) PipelineApiService(com.epam.pipeline.manager.pipeline.PipelineApiService) ObjectIdentity(org.springframework.security.acls.model.ObjectIdentity) PipelineRun(com.epam.pipeline.entity.pipeline.PipelineRun) ConfigurationProviderManager(com.epam.pipeline.manager.pipeline.runner.ConfigurationProviderManager) AbstractRunConfigurationEntry(com.epam.pipeline.entity.configuration.AbstractRunConfigurationEntry) AclPermission(com.epam.pipeline.security.acl.AclPermission) Map(java.util.Map) MutableAcl(org.springframework.security.acls.model.MutableAcl) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) PermissionFactory(org.springframework.security.acls.domain.PermissionFactory) DefaultRoles(com.epam.pipeline.entity.user.DefaultRoles) Set(java.util.Set) Acl(org.springframework.security.acls.model.Acl) EntityWithPermissionVO(com.epam.pipeline.controller.vo.security.EntityWithPermissionVO) Tool(com.epam.pipeline.entity.pipeline.Tool) Stream(java.util.stream.Stream) CollectionUtils(org.springframework.util.CollectionUtils) EntityVO(com.epam.pipeline.controller.vo.EntityVO) AclDataAccessException(org.springframework.security.acls.model.AclDataAccessException) MetadataEntry(com.epam.pipeline.entity.metadata.MetadataEntry) ObjectIdentityImpl(org.springframework.security.acls.domain.ObjectIdentityImpl) AbstractEntityPermissionMapper(com.epam.pipeline.mapper.AbstractEntityPermissionMapper) DataStorageAction(com.epam.pipeline.entity.datastorage.DataStorageAction) Collectors.groupingBy(java.util.stream.Collectors.groupingBy) RunConfigurationVO(com.epam.pipeline.controller.vo.configuration.RunConfigurationVO) ArrayList(java.util.ArrayList) 
DockerRegistryManager(com.epam.pipeline.manager.docker.DockerRegistryManager) Service(org.springframework.stereotype.Service) SetUtils(org.apache.commons.collections4.SetUtils) EntityManager(com.epam.pipeline.manager.EntityManager) Sid(org.springframework.security.acls.model.Sid) BaseEntity(com.epam.pipeline.entity.BaseEntity) Pair(org.apache.commons.math3.util.Pair) FolderManager(com.epam.pipeline.manager.pipeline.FolderManager) TaskStatus(com.epam.pipeline.entity.pipeline.TaskStatus) AbstractDataStorage(com.epam.pipeline.entity.datastorage.AbstractDataStorage) PermissionEvaluator(org.springframework.security.access.PermissionEvaluator) EntityPermissionVO(com.epam.pipeline.controller.vo.EntityPermissionVO) GrantedAuthoritySid(org.springframework.security.acls.domain.GrantedAuthoritySid) PrincipalSid(org.springframework.security.acls.domain.PrincipalSid) RunConfiguration(com.epam.pipeline.entity.configuration.RunConfiguration) DockerRegistry(com.epam.pipeline.entity.pipeline.DockerRegistry) AclSecuredEntry(com.epam.pipeline.entity.security.acl.AclSecuredEntry) PipelineWithPermissions(com.epam.pipeline.entity.pipeline.PipelineWithPermissions) MetadataEntityManager(com.epam.pipeline.manager.metadata.MetadataEntityManager) AclClass(com.epam.pipeline.entity.security.acl.AclClass) ToolGroup(com.epam.pipeline.entity.pipeline.ToolGroup) AbstractHierarchicalEntity(com.epam.pipeline.entity.AbstractHierarchicalEntity) RequiredArgsConstructor(lombok.RequiredArgsConstructor) LoggerFactory(org.slf4j.LoggerFactory) EntityPermission(com.epam.pipeline.entity.security.acl.EntityPermission) Folder(com.epam.pipeline.entity.pipeline.Folder) UserContext(com.epam.pipeline.security.UserContext) MessageHelper(com.epam.pipeline.common.MessageHelper) Collectors.toMap(java.util.stream.Collectors.toMap) ListUtils(org.apache.commons.collections4.ListUtils) PipelineWithPermissionsMapper(com.epam.pipeline.mapper.PipelineWithPermissionsMapper) 
IssueComment(com.epam.pipeline.entity.issue.IssueComment) NodesManager(com.epam.pipeline.manager.cluster.NodesManager) IssueManager(com.epam.pipeline.manager.issue.IssueManager) Collectors.toSet(java.util.stream.Collectors.toSet) Pipeline(com.epam.pipeline.entity.pipeline.Pipeline) RepositoryTool(com.epam.pipeline.entity.pipeline.RepositoryTool) AbstractSecuredEntity(com.epam.pipeline.entity.AbstractSecuredEntity) Collection(java.util.Collection) AccessControlEntry(org.springframework.security.acls.model.AccessControlEntry) AclPermissionEntry(com.epam.pipeline.entity.security.acl.AclPermissionEntry) NodeInstance(com.epam.pipeline.entity.cluster.NodeInstance) List(java.util.List) UserManager(com.epam.pipeline.manager.user.UserManager) SidRetrievalStrategy(org.springframework.security.acls.model.SidRetrievalStrategy) Optional(java.util.Optional) Authentication(org.springframework.security.core.Authentication) AclSecuredFilter(com.epam.pipeline.entity.filter.AclSecuredFilter) JdbcMutableAclServiceImpl(com.epam.pipeline.security.acl.JdbcMutableAclServiceImpl) MessageConstants(com.epam.pipeline.common.MessageConstants) PipelineRunManager(com.epam.pipeline.manager.pipeline.PipelineRunManager) ToolManager(com.epam.pipeline.manager.pipeline.ToolManager) Permission(org.springframework.security.acls.model.Permission) HashMap(java.util.HashMap) HashSet(java.util.HashSet) Propagation(org.springframework.transaction.annotation.Propagation) Collectors.mapping(java.util.stream.Collectors.mapping) ToolGroupManager(com.epam.pipeline.manager.pipeline.ToolGroupManager) Logger(org.slf4j.Logger) AclSid(com.epam.pipeline.entity.security.acl.AclSid) Collectors.toList(java.util.stream.Collectors.toList) MetadataEntity(com.epam.pipeline.entity.metadata.MetadataEntity) PipelinesWithPermissionsVO(com.epam.pipeline.controller.vo.PipelinesWithPermissionsVO) AccessControlEntryImpl(org.springframework.security.acls.domain.AccessControlEntryImpl) Data(lombok.Data) 
Issue(com.epam.pipeline.entity.issue.Issue) Comparator(java.util.Comparator) Collections(java.util.Collections) Transactional(org.springframework.transaction.annotation.Transactional) Assert(org.springframework.util.Assert)

Example 7 with AbstractSecuredEntity

use of com.epam.pipeline.entity.AbstractSecuredEntity in project cloud-pipeline by epam.

the class GrantPermissionManager method changeOwner.

@Transactional(propagation = Propagation.REQUIRED)
public AclSecuredEntry changeOwner(final Long id, final AclClass aclClass, final String userName) {
    Assert.isTrue(StringUtils.isNotBlank(userName), "User name is required to change owner of an object.");
    final AbstractSecuredEntity entity = entityManager.load(aclClass, id);
    final UserContext userContext = userManager.loadUserContext(userName);
    Assert.notNull(userContext, String.format("The user with name %s doesn't exist.", userName));
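    // Nothing to change when the requested user already owns the entity (case-insensitive match).
    if (entity.getOwner().equalsIgnoreCase(userName)) {
        LOGGER.info("The resource you're trying to change owner is already owned by this user.");
        return new AclSecuredEntry(entity);
    }
    // Update the owner in the ACL first, then on the entity itself.
    aclService.changeOwner(entity, userName);
    return new AclSecuredEntry(entityManager.changeOwner(aclClass, id, userName));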
}
Also used : UserContext(com.epam.pipeline.security.UserContext) AbstractSecuredEntity(com.epam.pipeline.entity.AbstractSecuredEntity) AclSecuredEntry(com.epam.pipeline.entity.security.acl.AclSecuredEntry) Transactional(org.springframework.transaction.annotation.Transactional)

Example 8 with AbstractSecuredEntity

use of com.epam.pipeline.entity.AbstractSecuredEntity in project cloud-pipeline by epam.

the class GrantPermissionManager method runPermission.

public boolean runPermission(PipelineRun run, String permissionName) {
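    // The run's owner gets the full permission mask without an ACL lookup on the parent.
    if (permissionsHelper.isOwner(run)) {
        run.setMask(AbstractSecuredEntity.ALL_PERMISSIONS_MASK);
        return true;
    }
    AbstractSecuredEntity parent = runManager.loadRunParent(run);
    // A run without a parent entity grants nothing to non-owners.
    if (parent == null) {
        run.setMask(0);
        return false;
    }
    // Otherwise the decision is delegated to the parent entity's ACL.
    boolean allowed = permissionEvaluator.hasPermission(SecurityContextHolder.getContext().getAuthentication(), parent, permissionName);
    if (allowed) {
        run.setMask(getPermissionsMask(parent, true, true));
    }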
    return allowed;
}
Also used : AbstractSecuredEntity(com.epam.pipeline.entity.AbstractSecuredEntity)

Example 9 with AbstractSecuredEntity

use of com.epam.pipeline.entity.AbstractSecuredEntity in project cloud-pipeline by epam.

the class GrantPermissionManager method getPermissions.

public AclSecuredEntry getPermissions(Long id, AclClass aclClass) {
    AbstractSecuredEntity entity = entityManager.load(aclClass, id);
    MutableAcl acl = aclService.getOrCreateObjectIdentity(entity);
    return convertAclToEntry(entity, acl);
}
Also used : AbstractSecuredEntity(com.epam.pipeline.entity.AbstractSecuredEntity) MutableAcl(org.springframework.security.acls.model.MutableAcl)

Example 10 with AbstractSecuredEntity

use of com.epam.pipeline.entity.AbstractSecuredEntity in project cloud-pipeline by epam.

the class GrantPermissionManager method runPermission.

public boolean runPermission(Long runId, String permissionName) {
    PipelineRun pipelineRun = runManager.loadPipelineRun(runId);
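    // The run's owner is always allowed.
    if (permissionsHelper.isOwner(pipelineRun)) {
        return true;
    }
    AbstractSecuredEntity parent = pipelineRun.getParent();
    // A run without a parent entity is denied for non-owners.
    if (parent == null) {
        return false;
    }
    // Otherwise the decision is delegated to the parent entity's ACL.
    return permissionEvaluator.hasPermission(SecurityContextHolder.getContext().getAuthentication(), parent, permissionName);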
}
Also used : PipelineRun(com.epam.pipeline.entity.pipeline.PipelineRun) AbstractSecuredEntity(com.epam.pipeline.entity.AbstractSecuredEntity)

Aggregations

AbstractSecuredEntity (com.epam.pipeline.entity.AbstractSecuredEntity): 21
Transactional (org.springframework.transaction.annotation.Transactional): 8
MutableAcl (org.springframework.security.acls.model.MutableAcl): 7
AclSid (com.epam.pipeline.entity.security.acl.AclSid): 5
EntityPermission (com.epam.pipeline.entity.security.acl.EntityPermission): 5
AclSecuredEntry (com.epam.pipeline.entity.security.acl.AclSecuredEntry): 4
AclPermission (com.epam.pipeline.security.acl.AclPermission): 4
ArrayList (java.util.ArrayList): 4
List (java.util.List): 4
Collectors.toList (java.util.stream.Collectors.toList): 4
Permission (org.springframework.security.acls.model.Permission): 4
EntityVO (com.epam.pipeline.controller.vo.EntityVO): 3
Issue (com.epam.pipeline.entity.issue.Issue): 3
IssueComment (com.epam.pipeline.entity.issue.IssueComment): 3
MetadataEntity (com.epam.pipeline.entity.metadata.MetadataEntity): 3
DockerRegistry (com.epam.pipeline.entity.pipeline.DockerRegistry): 3
AclPermissionEntry (com.epam.pipeline.entity.security.acl.AclPermissionEntry): 3
GrantedAuthoritySid (org.springframework.security.acls.domain.GrantedAuthoritySid): 3
PrincipalSid (org.springframework.security.acls.domain.PrincipalSid): 3
Sid (org.springframework.security.acls.model.Sid): 3