Use of com.objectcomputing.checkins.services.permissions.RequiredPermission in the check-ins project by objectcomputing.
Class PermissionSecurityRule, method check.
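/**
 * Decides whether the caller's claims satisfy the {@link RequiredPermission} declared on the
 * matched route method.
 *
 * <p>The required permission must match one granted permission exactly. Comparing against the
 * string form of the whole claim with {@code contains} would let a permission whose name is a
 * prefix or substring of another granted permission pass the check.
 *
 * @param request    the current request (not inspected by this rule)
 * @param routeMatch the matched route, or {@code null} when no route matched
 * @param claims     the authenticated caller's claims, or {@code null} when there are none
 * @return {@code ALLOWED} when the required permission is granted, {@code REJECTED} when a
 *         "permissions" claim is present but does not grant it, and {@code UNKNOWN} when this
 *         rule has nothing to decide on
 */
@Override
public SecurityRuleResult check(HttpRequest<?> request, @Nullable RouteMatch<?> routeMatch, @Nullable Map<String, Object> claims) {
    if (!(routeMatch instanceof MethodBasedRouteMatch)) {
        return SecurityRuleResult.UNKNOWN;
    }
    MethodBasedRouteMatch methodBasedRouteMatch = (MethodBasedRouteMatch) routeMatch;
    if (!methodBasedRouteMatch.hasAnnotation(RequiredPermission.class)) {
        return SecurityRuleResult.UNKNOWN;
    }

    AnnotationValue<RequiredPermission> requiredPermissionAnnotation = methodBasedRouteMatch.getAnnotation(RequiredPermission.class);
    Optional<String> optionalPermission = requiredPermissionAnnotation != null ? requiredPermissionAnnotation.stringValue("value") : Optional.empty();

    if (!optionalPermission.isPresent() || claims == null || !claims.containsKey("permissions")) {
        // NOTE(review): a route that declares a required permission still yields UNKNOWN when the
        // caller has no "permissions" claim, so the decision is left to whichever rule runs next.
        // Confirm that no later rule allows such a request; if one can, this should be REJECTED.
        return SecurityRuleResult.UNKNOWN;
    }

    return holdsPermission(claims.get("permissions"), optionalPermission.get())
            ? SecurityRuleResult.ALLOWED
            : SecurityRuleResult.REJECTED;
}

/**
 * Reports whether the "permissions" claim grants exactly the given permission.
 *
 * <p>An iterable claim is compared element by element. Any other value is compared through its
 * string form, split on commas, whitespace and square brackets. A {@code null} claim grants nothing.
 */
private static boolean holdsPermission(Object permissionsClaim, String requiredPermission) {
    if (permissionsClaim == null) {
        // The key can be present with a null value; treat that as "no permissions" rather than
        // failing with a NullPointerException.
        return false;
    }
    if (permissionsClaim instanceof Iterable) {
        // presumably the claim is a list of permission names; verify against the code that
        // populates the claims
        for (Object granted : (Iterable<?>) permissionsClaim) {
            if (granted != null && requiredPermission.equals(granted.toString())) {
                return true;
            }
        }
        return false;
    }
    for (String granted : permissionsClaim.toString().split("[\\[\\],\\s]+")) {
        // Skip the empty token split() yields before a leading delimiter.
        if (!granted.isEmpty() && requiredPermission.equals(granted)) {
            return true;
        }
    }
    return false;
}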