Example 1 with RequiredPermission

Use of com.objectcomputing.checkins.services.permissions.RequiredPermission in the project check-ins by objectcomputing.

The class PermissionSecurityRule, method check.

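@Override
public SecurityRuleResult check(HttpRequest<?> request, @Nullable RouteMatch<?> routeMatch, @Nullable Map<String, Object> claims) {
    // Only method-based routes can carry the @RequiredPermission annotation.
    if (routeMatch instanceof MethodBasedRouteMatch) {
        MethodBasedRouteMatch methodBasedRouteMatch = (MethodBasedRouteMatch) routeMatch;
        if (methodBasedRouteMatch.hasAnnotation(RequiredPermission.class)) {
            AnnotationValue<RequiredPermission> requiredPermissionAnnotation = methodBasedRouteMatch.getAnnotation(RequiredPermission.class);
            Optional<String> optionalPermission = requiredPermissionAnnotation != null ? requiredPermissionAnnotation.stringValue("value") : Optional.empty();
            // Decide only when the route names a permission and the token carries a "permissions" claim.
            if (optionalPermission.isPresent() && claims != null && claims.containsKey("permissions")) {
                final String requiredPermission = optionalPermission.get();
                final String userPermissions = claims.get("permissions").toString();
                // Note: this is a substring test on the claim's string form, not an exact match
                // against individual permission values, so a required name that is a substring
                // of another granted permission name also matches.
                return userPermissions.contains(requiredPermission) ? SecurityRuleResult.ALLOWED : SecurityRuleResult.REJECTED;
            }
        }
    }
    // No decision from this rule; this is also the result when an annotated route is
    // requested without a "permissions" claim.
    return SecurityRuleResult.UNKNOWN;
}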
Also used: RequiredPermission (com.objectcomputing.checkins.services.permissions.RequiredPermission), MethodBasedRouteMatch (io.micronaut.web.router.MethodBasedRouteMatch)