use of com.runwaysdk.business.rbac.RoleDAO in project geoprism-registry by terraframe.
the class BusinessType method apply.
/**
 * Creates a new {@link BusinessType}, or updates an existing one, from its JSON form.
 *
 * <p>The code, organization code and display label are read from {@code object}. When
 * {@code object} carries a non-null {@code OID} the stored type is loaded with
 * {@link BusinessType#get}; otherwise a fresh instance is used. For a new type the method
 * also creates the backing {@code MdVertex}, a graph-reference attribute pointing at
 * {@code GeoVertex}, a required and uniquely indexed code attribute, and grants the
 * registry super-admin role CREATE, DELETE, WRITE and WRITE_ALL on the new vertex.
 *
 * @param object JSON description of the business type
 * @return the applied business type
 * @throws InvalidMasterListCodeException if {@code MasterList.isValidName} rejects the code
 * @throws CodeLengthException if the code is longer than 64 characters
 */
@Transaction
public static BusinessType apply(JsonObject object) {
  // The code becomes the type name of the generated metadata class, which caps its length.
  final int maxCodeLength = 64;

  final String code = object.get(BusinessType.CODE).getAsString();
  final String orgCode = object.get(BusinessType.ORGANIZATION).getAsString();

  // NOTE(review): assumes getByCode fails for an unknown code instead of returning null;
  // the result is dereferenced on the next line without a guard. TODO confirm.
  final Organization owner = Organization.getByCode(orgCode);

  // NOTE(review): the create check is made against the organization named in the request.
  // On the update path (OID present) nothing in this method compares it with the
  // organization the stored BusinessType already belongs to. Confirm that is enforced
  // elsewhere before the record is reassigned below.
  ServiceFactory.getGeoObjectTypePermissionService().enforceCanCreate(owner.getCode(), false);

  if (!MasterList.isValidName(code)) {
    throw new InvalidMasterListCodeException("The geo object type code has an invalid character");
  }

  if (code.length() > maxCodeLength) {
    CodeLengthException tooLong = new CodeLengthException();
    tooLong.setLength(maxCodeLength);
    throw tooLong;
  }

  // Calls to assignSRAPermissions(...) and assignAll_RA_Permissions(...) are commented out
  // in the original; the only grants made by this method are the super-admin ones below.

  final LocalizedValue label = LocalizedValue.fromJSON(object.get(DISPLAYLABEL).getAsJsonObject());

  final BusinessType type;
  if (object.has(OID) && !object.get(OID).isJsonNull()) {
    type = BusinessType.get(object.get(OID).getAsString());
  } else {
    type = new BusinessType();
  }

  type.setCode(code);
  type.setOrganization(owner);
  LocalizedValueConverter.populate(type.getDisplayLabel(), label);

  if (type.isNew()) {
    // Backing vertex class; it must be applied before its OID is referenced below.
    MdVertexDAO vertexClass = MdVertexDAO.newInstance();
    vertexClass.setValue(MdGeoVertexInfo.PACKAGE, RegistryConstants.BUSINESS_PACKAGE);
    vertexClass.setValue(MdGeoVertexInfo.NAME, code);
    vertexClass.setValue(MdGeoVertexInfo.ENABLE_CHANGE_OVER_TIME, MdAttributeBooleanInfo.FALSE);
    vertexClass.setValue(MdGeoVertexInfo.GENERATE_SOURCE, MdAttributeBooleanInfo.FALSE);
    LocalizedValueConverter.populate(vertexClass, MdVertexInfo.DISPLAY_LABEL, label);
    vertexClass.apply();

    // TODO CREATE the edge between this class and GeoVertex??
    MdVertexDAOIF geoVertexClass = MdVertexDAO.getMdVertexDAO(GeoVertex.CLASS);

    // Reference attribute from the new vertex class to GeoVertex.
    MdAttributeGraphReferenceDAO geoObjectAttr = MdAttributeGraphReferenceDAO.newInstance();
    geoObjectAttr.setValue(MdAttributeGraphReferenceInfo.REFERENCE_MD_VERTEX, geoVertexClass.getOid());
    geoObjectAttr.setValue(MdAttributeGraphReferenceInfo.DEFINING_MD_CLASS, vertexClass.getOid());
    geoObjectAttr.setValue(MdAttributeGraphReferenceInfo.NAME, GEO_OBJECT);
    geoObjectAttr.setStructValue(MdAttributeGraphReferenceInfo.DESCRIPTION, MdAttributeLocalInfo.DEFAULT_LOCALE, "Geo Object");
    geoObjectAttr.apply();

    // DefaultAttribute.CODE: required, uniquely indexed character attribute.
    MdAttributeCharacterDAO codeAttr = MdAttributeCharacterDAO.newInstance();
    codeAttr.setValue(MdAttributeConcreteInfo.NAME, DefaultAttribute.CODE.getName());
    codeAttr.setStructValue(MdAttributeConcreteInfo.DISPLAY_LABEL, MdAttributeLocalInfo.DEFAULT_LOCALE, DefaultAttribute.CODE.getDefaultLocalizedName());
    codeAttr.setStructValue(MdAttributeConcreteInfo.DESCRIPTION, MdAttributeLocalInfo.DEFAULT_LOCALE, DefaultAttribute.CODE.getDefaultDescription());
    codeAttr.setValue(MdAttributeCharacterInfo.SIZE, MdAttributeCharacterInfo.MAX_CHARACTER_SIZE);
    codeAttr.setValue(MdAttributeConcreteInfo.DEFINING_MD_CLASS, vertexClass.getOid());
    codeAttr.setValue(MdAttributeConcreteInfo.REQUIRED, MdAttributeBooleanInfo.TRUE);
    codeAttr.addItem(MdAttributeConcreteInfo.INDEX_TYPE, IndexTypes.UNIQUE_INDEX.getOid());
    codeAttr.apply();

    type.setMdVertexId(vertexClass.getOid());

    // Only the registry super-admin role receives grants on the new vertex class.
    Roles superAdmin = Roles.findRoleByName(RegistryConstants.REGISTRY_SUPER_ADMIN_ROLE);
    RoleDAO superAdminDAO = (RoleDAO) BusinessFacade.getEntityDAO(superAdmin);
    Operation[] grantedOps = { Operation.CREATE, Operation.DELETE, Operation.WRITE, Operation.WRITE_ALL };
    for (Operation op : grantedOps) {
      superAdminDAO.grantPermission(op, vertexClass.getOid());
    }
  }

  type.apply();
  return type;
}
use of com.runwaysdk.business.rbac.RoleDAO in project geoprism-registry by terraframe.
the class MasterListVersion method assignDefaultRolePermissions.
/**
 * Grants the default role permissions on {@code component}.
 *
 * <p>The admin and registry-maintainer roles receive CREATE, DELETE, WRITE and WRITE_ALL;
 * the API-consumer and registry-contributor roles receive READ and READ_ALL. The grants
 * shown here are made on the role as a whole; no organization scoping is applied in this
 * method.
 *
 * @param component the object whose OID the permissions are granted on
 */
private static void assignDefaultRolePermissions(ComponentIF component) {
  // Roles that may modify the component, in the order the grants are issued.
  final String[] writerRoles = { DefaultConfiguration.ADMIN, RegistryConstants.REGISTRY_MAINTAINER_ROLE };
  final Operation[] writerOps = { Operation.CREATE, Operation.DELETE, Operation.WRITE, Operation.WRITE_ALL };

  for (String roleName : writerRoles) {
    RoleDAO writer = RoleDAO.findRole(roleName).getBusinessDAO();
    for (Operation op : writerOps) {
      writer.grantPermission(op, component.getOid());
    }
  }

  // Roles that are limited to read access.
  final String[] readerRoles = { RegistryConstants.API_CONSUMER_ROLE, RegistryConstants.REGISTRY_CONTRIBUTOR_ROLE };
  final Operation[] readerOps = { Operation.READ, Operation.READ_ALL };

  for (String roleName : readerRoles) {
    RoleDAO reader = RoleDAO.findRole(roleName).getBusinessDAO();
    for (Operation op : readerOps) {
      reader.grantPermission(op, component.getOid());
    }
  }
}
use of com.runwaysdk.business.rbac.RoleDAO in project geoprism-registry by terraframe.
the class Organization method createOrganizationRole.
/**
 * Creates the {@link RoleDAOIF} that represents this {@link Organization} and links it to
 * the registry root organization role through {@code addInheritance}.
 *
 * <p>Preconditions:
 * <ul>
 * <li>no {@link RoleDAOIF} exists yet for this {@link Organization};</li>
 * <li>the display label of this {@link Organization} has a value for the default
 * locale, because that value is used as the role's display label.</li>
 * </ul>
 */
private void createOrganizationRole() {
  RoleDAO created = RoleDAO.createRole(this.getRoleName(), this.getDisplayLabel().getDefaultValue());

  // NOTE(review): the result of findRole is cast straight to RoleDAO here instead of being
  // obtained through getBusinessDAO(); confirm the cast is safe for the object findRole
  // returns.
  RoleDAO rootRole = (RoleDAO) RoleDAO.findRole(RegistryRole.Type.REGISTRY_ROOT_ORG_ROLE);
  rootRole.addInheritance(created);
}
use of com.runwaysdk.business.rbac.RoleDAO in project geoprism-registry by terraframe.
the class UndirectedGraphType method create.
/**
 * Creates an {@link UndirectedGraphType} together with its backing edge metadata.
 *
 * <p>An {@code MdEdge} named {@code code} is created between {@code GeoVertex} and itself,
 * start-date and end-date attributes are defined on it, and permissions are granted on it:
 * write for the registry-maintainer role, read for the API-consumer and
 * registry-contributor roles, plus the one-argument write grant whose target role is not
 * visible in this method.
 *
 * @param code code of the graph type, also used as the name of the edge class
 * @param label localized display label
 * @param description localized description
 * @return the applied graph type
 * @throws DuplicateHierarchyTypeException if a {@code DuplicateDataException} is raised
 *         while the metadata or the graph type is applied
 */
@Transaction
public static UndirectedGraphType create(String code, LocalizedValue label, LocalizedValue description) {
  // Roles are resolved up front, before any metadata is written.
  RoleDAO maintainerRole = RoleDAO.findRole(RegistryConstants.REGISTRY_MAINTAINER_ROLE).getBusinessDAO();
  RoleDAO consumerRole = RoleDAO.findRole(RegistryConstants.API_CONSUMER_ROLE).getBusinessDAO();
  RoleDAO contributorRole = RoleDAO.findRole(RegistryConstants.REGISTRY_CONTRIBUTOR_ROLE).getBusinessDAO();

  try {
    MdVertexDAOIF geoVertexClass = MdVertexDAO.getMdVertexDAO(GeoVertex.CLASS);

    // NOTE(review): code is used as the edge class name without a validity or length
    // check in this method; confirm the caller validates it.
    MdEdgeDAO edgeClass = MdEdgeDAO.newInstance();
    edgeClass.setValue(MdEdgeInfo.PACKAGE, RegistryConstants.UNDIRECTED_GRAPH_PACKAGE);
    edgeClass.setValue(MdEdgeInfo.NAME, code);
    edgeClass.setValue(MdEdgeInfo.PARENT_MD_VERTEX, geoVertexClass.getOid());
    edgeClass.setValue(MdEdgeInfo.CHILD_MD_VERTEX, geoVertexClass.getOid());
    LocalizedValueConverter.populate(edgeClass, MdEdgeInfo.DISPLAY_LABEL, label);
    LocalizedValueConverter.populate(edgeClass, MdEdgeInfo.DESCRIPTION, description);
    edgeClass.setValue(MdEdgeInfo.ENABLE_CHANGE_OVER_TIME, MdAttributeBooleanInfo.FALSE);
    edgeClass.apply();

    // Start of the validity period of an edge.
    MdAttributeDateTimeDAO startAttr = MdAttributeDateTimeDAO.newInstance();
    startAttr.setValue(MdAttributeDateTimeInfo.NAME, GeoVertex.START_DATE);
    startAttr.setStructValue(MdAttributeDateTimeInfo.DISPLAY_LABEL, MdAttributeLocalInfo.DEFAULT_LOCALE, "Start Date");
    startAttr.setStructValue(MdAttributeDateTimeInfo.DESCRIPTION, MdAttributeLocalInfo.DEFAULT_LOCALE, "Start Date");
    startAttr.setValue(MdAttributeDateTimeInfo.DEFINING_MD_CLASS, edgeClass.getOid());
    startAttr.apply();

    // End of the validity period of an edge.
    MdAttributeDateTimeDAO endAttr = MdAttributeDateTimeDAO.newInstance();
    endAttr.setValue(MdAttributeDateTimeInfo.NAME, GeoVertex.END_DATE);
    endAttr.setStructValue(MdAttributeDateTimeInfo.DISPLAY_LABEL, MdAttributeLocalInfo.DEFAULT_LOCALE, "End Date");
    endAttr.setStructValue(MdAttributeDateTimeInfo.DESCRIPTION, MdAttributeLocalInfo.DEFAULT_LOCALE, "End Date");
    endAttr.setValue(MdAttributeDateTimeInfo.DEFINING_MD_CLASS, edgeClass.getOid());
    endAttr.apply();

    // Write access for maintainers, read-only access for consumers and contributors.
    ServerHierarchyTypeBuilder grants = new ServerHierarchyTypeBuilder();
    grants.grantWritePermissionsOnMdTermRel(edgeClass);
    grants.grantWritePermissionsOnMdTermRel(maintainerRole, edgeClass);
    grants.grantReadPermissionsOnMdTermRel(consumerRole, edgeClass);
    grants.grantReadPermissionsOnMdTermRel(contributorRole, edgeClass);

    UndirectedGraphType created = new UndirectedGraphType();
    created.setCode(code);
    created.setMdEdgeId(edgeClass.getOid());
    LocalizedValueConverter.populate(created.getDisplayLabel(), label);
    LocalizedValueConverter.populate(created.getDescription(), description);
    created.apply();

    return created;
  } catch (DuplicateDataException ex) {
    // Reported to the caller as a duplicate hierarchy type carrying the offending code.
    DuplicateHierarchyTypeException duplicate = new DuplicateHierarchyTypeException();
    duplicate.setDuplicateValue(code);
    throw duplicate;
  }
}
use of com.runwaysdk.business.rbac.RoleDAO in project geoprism-registry by terraframe.
the class UserInfo method applyUserWithRoles.
/**
 * Creates or updates a {@link GeoprismUser} from {@code account}, optionally replaces the
 * user's role assignments and organization memberships, and stores the accompanying
 * {@link UserInfo} fields.
 *
 * <p>NOTE(review): the role checks below look only at the roles being requested. They are
 * skipped completely when {@code isUserInvite} is true or when there is no current session
 * user, so callers on those paths need to have validated the role list themselves. Confirm
 * against the callers.
 *
 * @param account JSON form of the user; the optional UserInfo fields default to "" when absent
 * @param roleNameArray names of the roles the user should hold afterwards; {@code null}
 *        leaves roles and organization memberships untouched, an empty array is rejected
 * @param isUserInvite when true, the check of the caller's own roles is skipped
 * @return the result of {@code serialize(geoprismUser, info)}
 * @throws AttributeValueException if {@code roleNameArray} is empty, or if the admin
 *         user's username would change
 * @throws SRAException if a caller without an SRA role requests an SRA role
 * @throws OrganizationRAException if a caller without an SRA role requests an organization
 *         role for an organization in which the caller holds no RA role
 */
@Transaction
public static JSONObject applyUserWithRoles(JsonObject account, String[] roleNameArray, boolean isUserInvite) {
  GeoprismUser geoprismUser = deserialize(account);
  if (roleNameArray != null && roleNameArray.length == 0) {
    // TODO : Better Error
    throw new AttributeValueException("You're attempting to apply a user with zero roles?", "");
  }
  /*
   * Make sure the caller has permission to assign every role in the request.
   */
  if (!isUserInvite && Session.getCurrentSession() != null && Session.getCurrentSession().getUser() != null) {
    Set<RoleDAOIF> myRoles = Session.getCurrentSession().getUser().authorizedRoles();
    // A caller holding an SRA role bypasses the per-role checks below.
    boolean hasSRA = false;
    for (RoleDAOIF myRole : myRoles) {
      if (RegistryRole.Type.isSRA_Role(myRole.getRoleName())) {
        hasSRA = true;
      }
    }
    if (!hasSRA && roleNameArray != null) {
      for (String roleName : roleNameArray) {
        boolean hasPermission = false;
        if (RegistryRole.Type.isOrgRole(roleName) && !RegistryRole.Type.isRootOrgRole(roleName)) {
          // Organization-scoped role: the caller must hold an RA role for the same organization.
          String orgCodeArg = RegistryRole.Type.parseOrgCode(roleName);
          for (RoleDAOIF myRole : myRoles) {
            if (RegistryRole.Type.isRA_Role(myRole.getRoleName())) {
              String myOrgCode = RegistryRole.Type.parseOrgCode(myRole.getRoleName());
              if (myOrgCode.equals(orgCodeArg)) {
                hasPermission = true;
                break;
              }
            }
          }
        } else if (RegistryRole.Type.isSRA_Role(roleName)) {
          // Only an SRA may hand out the SRA role.
          SRAException ex = new SRAException();
          throw ex;
        } else {
          // NOTE(review): every role name that is neither an organization role nor the SRA
          // role is accepted here, including the root organization role. Confirm that no
          // privileged role (for example whatever DefaultConfiguration.ADMIN names) can be
          // requested through this branch.
          hasPermission = true;
        }
        if (!hasPermission) {
          OrganizationRAException ex = new OrganizationRAException();
          throw ex;
        }
      }
    }
  }
  // They're not allowed to change the admin username
  if (!geoprismUser.isNew()) {
    GeoprismUser adminUser = getAdminUser();
    if (adminUser != null && adminUser.getOid().equals(geoprismUser.getOid()) && !geoprismUser.getUsername().equals(RegistryConstants.ADMIN_USER_NAME)) {
      // TODO : Better Error
      throw new AttributeValueException("You can't change the admin username", RegistryConstants.ADMIN_USER_NAME);
    }
  }
  geoprismUser.apply();
  if (roleNameArray != null) {
    // Resolve the requested role names to Roles objects and collect their OIDs.
    // NOTE(review): assumes findRoleByName fails for an unknown name rather than returning
    // null; the result is dereferenced without a guard. TODO confirm.
    List<Roles> newRoles = new LinkedList<Roles>();
    Set<String> roleIdSet = new HashSet<String>();
    for (String roleName : roleNameArray) {
      Roles role = Roles.findRoleByName(roleName);
      roleIdSet.add(role.getOid());
      newRoles.add(role);
    }
    // Each configuration is handed the set of role OIDs before the roles are assigned.
    List<ConfigurationIF> configurations = ConfigurationService.getConfigurations();
    for (ConfigurationIF configuration : configurations) {
      configuration.configureUserRoles(roleIdSet);
    }
    UserDAOIF user = UserDAO.get(geoprismUser.getOid());
    // Remove existing roles. The admin user keeps the super-admin and admin roles.
    // NOTE(review): every other assigned role is removed, whichever organization it belongs
    // to; the caller check above covers only the requested roles. Confirm that a caller who
    // is RA for one organization is meant to be able to drop a user's roles in another.
    Set<RoleDAOIF> userRoles = user.assignedRoles();
    for (RoleDAOIF roleDAOIF : userRoles) {
      RoleDAO roleDAO = RoleDAO.get(roleDAOIF.getOid()).getBusinessDAO();
      if (!(geoprismUser.getUsername().equals(RegistryConstants.ADMIN_USER_NAME) && (roleDAO.getRoleName().equals(RegistryConstants.REGISTRY_SUPER_ADMIN_ROLE) || roleDAO.getRoleName().equals(DefaultConfiguration.ADMIN)))) {
        roleDAO.deassignMember(user);
      }
    }
    // Delete existing relationships with Organizations.
    QueryFactory qf = new QueryFactory();
    OrganizationUserQuery q = new OrganizationUserQuery(qf);
    q.WHERE(q.childOid().EQ(geoprismUser.getOid()));
    OIterator<? extends OrganizationUser> i = q.getIterator();
    i.forEach(r -> r.delete());
    /*
     * Assign the new roles and associate the user with each role's organization.
     */
    // Tracks organizations already linked so each one is added at most once.
    Set<String> organizationSet = new HashSet<String>();
    for (Roles role : newRoles) {
      RoleDAO roleDAO = (RoleDAO) BusinessFacade.getEntityDAO(role);
      roleDAO.assignMember(user);
      RegistryRole registryRole = new RegistryRoleConverter().build(role);
      if (registryRole != null) {
        String organizationCode = registryRole.getOrganizationCode();
        if (organizationCode != null && !organizationCode.equals("") && !organizationSet.contains(organizationCode)) {
          Organization organization = Organization.getByCode(organizationCode);
          organization.addUsers(geoprismUser).apply();
          organizationSet.add(organizationCode);
        }
      }
    }
  }
  // Load the existing UserInfo for this user, or create one; an existing record is locked
  // before it is modified.
  UserInfo info = getByUser(geoprismUser);
  if (info == null) {
    info = new UserInfo();
    info.setGeoprismUser(geoprismUser);
  } else {
    info.lock();
  }
  // Each optional field is copied from the request when present and reset to "" otherwise.
  if (account.has(UserInfo.ALTFIRSTNAME)) {
    info.setAltFirstName(account.get(UserInfo.ALTFIRSTNAME).getAsString());
  } else {
    info.setAltFirstName("");
  }
  if (account.has(UserInfo.ALTLASTNAME)) {
    info.setAltLastName(account.get(UserInfo.ALTLASTNAME).getAsString());
  } else {
    info.setAltLastName("");
  }
  if (account.has(UserInfo.ALTPHONENUMBER)) {
    info.setAltPhoneNumber(account.get(UserInfo.ALTPHONENUMBER).getAsString());
  } else {
    info.setAltPhoneNumber("");
  }
  if (account.has(UserInfo.POSITION)) {
    info.setPosition(account.get(UserInfo.POSITION).getAsString());
  } else {
    info.setPosition("");
  }
  if (account.has(UserInfo.DEPARTMENT)) {
    info.setDepartment(account.get(UserInfo.DEPARTMENT).getAsString());
  } else {
    info.setDepartment("");
  }
  if (account.has(UserInfo.EXTERNALSYSTEMOID)) {
    info.setExternalSystemOid(account.get(UserInfo.EXTERNALSYSTEMOID).getAsString());
  } else {
    info.setExternalSystemOid("");
  }
  info.apply();
  return serialize(geoprismUser, info);
}