Search in sources :

Example 11 with SingleActorDAOIF

use of com.runwaysdk.business.rbac.SingleActorDAOIF in project geoprism-registry by terraframe.

the class HierarchyTypePermissionService method getPermissions.

public Set<CGRPermissionActionIF> getPermissions(String orgCode) {
    if (// null actor is assumed to be SYSTEM
    !this.hasSessionUser()) {
        return new HashSet<CGRPermissionActionIF>(Arrays.asList(CGRPermissionAction.values()));
    }
    // final String orgCode = sht.getOrganization().getCode();
    HashSet<CGRPermissionActionIF> actions = new HashSet<CGRPermissionActionIF>();
    actions.add(CGRPermissionAction.READ);
    if (orgCode != null) {
        SingleActorDAOIF actor = this.getSessionUser();
        Set<RoleDAOIF> roles = actor.authorizedRoles();
        for (RoleDAOIF role : roles) {
            String roleName = role.getRoleName();
            if (RegistryRole.Type.isOrgRole(roleName) && !RegistryRole.Type.isRootOrgRole(roleName)) {
                String roleOrgCode = RegistryRole.Type.parseOrgCode(roleName);
                if (orgCode.equals(roleOrgCode)) {
                    if (RegistryRole.Type.isRA_Role(roleName)) {
                        actions.add(CGRPermissionAction.WRITE);
                        actions.add(CGRPermissionAction.CREATE);
                        actions.add(CGRPermissionAction.DELETE);
                    }
                }
            } else if (RegistryRole.Type.isSRA_Role(roleName)) {
                actions.add(CGRPermissionAction.WRITE);
                actions.add(CGRPermissionAction.CREATE);
                actions.add(CGRPermissionAction.DELETE);
            }
        }
    }
    return actions;
}
Also used : SingleActorDAOIF(com.runwaysdk.business.rbac.SingleActorDAOIF) RoleDAOIF(com.runwaysdk.business.rbac.RoleDAOIF) HashSet(java.util.HashSet)

Example 12 with SingleActorDAOIF

use of com.runwaysdk.business.rbac.SingleActorDAOIF in project geoprism-registry by terraframe.

the class RolePermissionService method getOrganization.

/**
 * If the session user is an org role, this method will return the user's
 * organization. Otherwise this method will return null.
 */
public String getOrganization() {
    if (this.hasSessionUser()) {
        SingleActorDAOIF actor = this.getSessionUser();
        Set<RoleDAOIF> roles = actor.authorizedRoles();
        for (RoleDAOIF role : roles) {
            String roleName = role.getRoleName();
            if (RegistryRole.Type.isOrgRole(roleName) && !RegistryRole.Type.isRootOrgRole(roleName)) {
                String roleOrgCode = RegistryRole.Type.parseOrgCode(roleName);
                return roleOrgCode;
            }
        }
    }
    return null;
}
Also used : SingleActorDAOIF(com.runwaysdk.business.rbac.SingleActorDAOIF) RoleDAOIF(com.runwaysdk.business.rbac.RoleDAOIF)

Example 13 with SingleActorDAOIF

use of com.runwaysdk.business.rbac.SingleActorDAOIF in project geoprism-registry by terraframe.

the class RolePermissionService method isRM.

public boolean isRM(String orgCode, ServerGeoObjectType type) {
    if (!this.hasSessionUser()) {
        return true;
    }
    SingleActorDAOIF actor = this.getSessionUser();
    Set<RoleDAOIF> roles = actor.authorizedRoles();
    Set<String> typeCodes = this.getTypeCodes(type);
    for (RoleDAOIF role : roles) {
        String roleName = role.getRoleName();
        if (RegistryRole.Type.isRM_Role(roleName)) {
            String roleOrgCode = RegistryRole.Type.parseOrgCode(roleName);
            String roleGotCode = RegistryRole.Type.parseGotCode(roleName);
            if (orgCode != null && type != null && (orgCode.equals(roleOrgCode) && typeCodes.contains(roleGotCode))) {
                return true;
            } else if (type == null && orgCode != null && orgCode.equals(roleOrgCode)) {
                return true;
            } else if (type == null && orgCode == null) {
                return true;
            }
        }
    }
    return false;
}
Also used : SingleActorDAOIF(com.runwaysdk.business.rbac.SingleActorDAOIF) RoleDAOIF(com.runwaysdk.business.rbac.RoleDAOIF)

Example 14 with SingleActorDAOIF

use of com.runwaysdk.business.rbac.SingleActorDAOIF in project geoprism-registry by terraframe.

the class RolePermissionService method isRC.

public boolean isRC(String orgCode, ServerGeoObjectType type) {
    if (!this.hasSessionUser()) {
        return true;
    }
    SingleActorDAOIF actor = this.getSessionUser();
    Set<RoleDAOIF> roles = actor.authorizedRoles();
    Set<String> typeCodes = this.getTypeCodes(type);
    for (RoleDAOIF role : roles) {
        String roleName = role.getRoleName();
        if (RegistryRole.Type.isRC_Role(roleName)) {
            String roleOrgCode = RegistryRole.Type.parseOrgCode(roleName);
            String roleGotCode = RegistryRole.Type.parseGotCode(roleName);
            if (orgCode != null && type != null && (orgCode.equals(roleOrgCode) && typeCodes.contains(roleGotCode))) {
                return true;
            } else if (type == null && orgCode != null && orgCode.equals(roleOrgCode)) {
                return true;
            } else if (type == null && orgCode == null) {
                return true;
            }
        }
    }
    return false;
}
Also used : SingleActorDAOIF(com.runwaysdk.business.rbac.SingleActorDAOIF) RoleDAOIF(com.runwaysdk.business.rbac.RoleDAOIF)

Example 15 with SingleActorDAOIF

use of com.runwaysdk.business.rbac.SingleActorDAOIF in project geoprism-registry by terraframe.

the class RolePermissionService method isAC.

public boolean isAC(String orgCode, ServerGeoObjectType type) {
    if (!this.hasSessionUser()) {
        return true;
    }
    SingleActorDAOIF actor = this.getSessionUser();
    Set<RoleDAOIF> roles = actor.authorizedRoles();
    Set<String> typeCodes = this.getTypeCodes(type);
    for (RoleDAOIF role : roles) {
        String roleName = role.getRoleName();
        if (RegistryRole.Type.isAC_Role(roleName)) {
            String roleOrgCode = RegistryRole.Type.parseOrgCode(roleName);
            String roleGotCode = RegistryRole.Type.parseGotCode(roleName);
            if (orgCode != null && type != null && (orgCode.equals(roleOrgCode) && typeCodes.contains(roleGotCode))) {
                return true;
            } else if (type == null && orgCode != null && orgCode.equals(roleOrgCode)) {
                return true;
            } else if (type == null && orgCode == null) {
                return true;
            }
        }
    }
    return false;
}
Also used : SingleActorDAOIF(com.runwaysdk.business.rbac.SingleActorDAOIF) RoleDAOIF(com.runwaysdk.business.rbac.RoleDAOIF)

Aggregations

SingleActorDAOIF (com.runwaysdk.business.rbac.SingleActorDAOIF)18 RoleDAOIF (com.runwaysdk.business.rbac.RoleDAOIF)16 ArrayList (java.util.ArrayList)5 ServerGeoObjectType (net.geoprism.registry.model.ServerGeoObjectType)4 Organization (net.geoprism.registry.Organization)3 JsonObject (com.google.gson.JsonObject)2 Condition (com.runwaysdk.query.Condition)2 HashSet (java.util.HashSet)2 GeoprismUser (net.geoprism.GeoprismUser)2 RolePermissionService (net.geoprism.registry.permission.RolePermissionService)2 JSONObject (org.json.JSONObject)2 BusinessFacade (com.runwaysdk.business.BusinessFacade)1 Authenticate (com.runwaysdk.business.rbac.Authenticate)1 RoleDAO (com.runwaysdk.business.rbac.RoleDAO)1 UserDAO (com.runwaysdk.business.rbac.UserDAO)1 UserDAOIF (com.runwaysdk.business.rbac.UserDAOIF)1 AttributeBooleanIF (com.runwaysdk.dataaccess.AttributeBooleanIF)1 ProgrammingErrorException (com.runwaysdk.dataaccess.ProgrammingErrorException)1 ValueObject (com.runwaysdk.dataaccess.ValueObject)1 AttributeValueException (com.runwaysdk.dataaccess.attributes.AttributeValueException)1