
Example 1 with ReadPermission

use of com.yahoo.elide.annotation.ReadPermission in project elide by yahoo.

the class VerifyFieldAccessFilterExpressionVisitor method visitPredicate.

/**
 * Enforce ReadPermission on provided query filter.
 *
 * @return true if allowed, false if rejected
 */
@Override
public Boolean visitPredicate(FilterPredicate filterPredicate) {
    RequestScope requestScope = resource.getRequestScope();
    // Working set of objects reached so far along the filter path; it starts at the resource under check.
    Set<PersistentResource> val = Collections.singleton(resource);
    PermissionExecutor permissionExecutor = requestScope.getPermissionExecutor();
    // Ask the permission executor for a verdict on the predicate as a whole first.
    ExpressionResult result = permissionExecutor.evaluateFilterJoinUserChecks(resource, filterPredicate);
    if (result == ExpressionResult.UNEVALUATED) {
        // The executor returned no verdict, so fall back to this visitor's own user-check evaluation.
        result = evaluateUserChecks(filterPredicate, permissionExecutor);
    }
    // A definite PASS or FAIL ends the decision here; nothing below runs.
    if (result == ExpressionResult.PASS) {
        return true;
    }
    if (result == ExpressionResult.FAIL) {
        return false;
    }
    // Any other result falls through to a hop-by-hop walk of the filter path, where each hop is
    // resolved through getValueChecked on the objects reached so far.
    for (PathElement element : filterPredicate.getPath().getPathElements()) {
        String fieldName = element.getFieldName();
        // "this" names the current object rather than a field, so there is nothing to read for it.
        if ("this".equals(fieldName)) {
            continue;
        }
        try {
            // Replace the working set with the non-null values of fieldName on every object in it.
            // blockingGet() waits for each lookup to complete before the stream moves on.
            // NOTE(review): once val is empty, later hops call getValueChecked on nothing and cannot
            // raise ForbiddenAccessException, so the method ends at the final "return true" without
            // a per-object check for those hops. Confirm that this is the intended outcome.
            val = val.stream().filter(Objects::nonNull).flatMap(x -> getValueChecked(x, fieldName, requestScope).toList(LinkedHashSet::new).blockingGet().stream()).filter(Objects::nonNull).collect(Collectors.toSet());
        } catch (ForbiddenAccessException e) {
            // The read of this hop was refused; the executor decides how the refusal is treated.
            result = permissionExecutor.handleFilterJoinReject(filterPredicate, element, e);
            if (result == ExpressionResult.DEFERRED) {
                // NOTE(review): the assignment to val above did not complete, so the next element is
                // resolved against the previous hop's objects. TODO confirm this is intended.
                continue;
            }
            // Any non-deferred result is final: only PASS accepts the predicate.
            return result == ExpressionResult.PASS;
        }
    }
    // No hop produced a final rejection, so the predicate is accepted.
    return true;
}
Also used : FilterExpressionVisitor(com.yahoo.elide.core.filter.expression.FilterExpressionVisitor) FilterPredicate(com.yahoo.elide.core.filter.predicates.FilterPredicate) NotFilterExpression(com.yahoo.elide.core.filter.expression.NotFilterExpression) Set(java.util.Set) EntityProjection(com.yahoo.elide.core.request.EntityProjection) PermissionExecutor(com.yahoo.elide.core.security.PermissionExecutor) Collectors(java.util.stream.Collectors) EntityDictionary(com.yahoo.elide.core.dictionary.EntityDictionary) Objects(java.util.Objects) ForbiddenAccessException(com.yahoo.elide.core.exceptions.ForbiddenAccessException) ExpressionResult(com.yahoo.elide.core.security.permissions.ExpressionResult) ReadPermission(com.yahoo.elide.annotation.ReadPermission) OrFilterExpression(com.yahoo.elide.core.filter.expression.OrFilterExpression) PersistentResource(com.yahoo.elide.core.PersistentResource) AndFilterExpression(com.yahoo.elide.core.filter.expression.AndFilterExpression) Relationship(com.yahoo.elide.core.request.Relationship) Observable(io.reactivex.Observable) PathElement(com.yahoo.elide.core.Path.PathElement) RelationshipType(com.yahoo.elide.core.dictionary.RelationshipType) FilterExpression(com.yahoo.elide.core.filter.expression.FilterExpression) Collections(java.util.Collections) LinkedHashSet(java.util.LinkedHashSet) RequestScope(com.yahoo.elide.core.RequestScope) LinkedHashSet(java.util.LinkedHashSet) PersistentResource(com.yahoo.elide.core.PersistentResource) PathElement(com.yahoo.elide.core.Path.PathElement) ExpressionResult(com.yahoo.elide.core.security.permissions.ExpressionResult) PermissionExecutor(com.yahoo.elide.core.security.PermissionExecutor) Objects(java.util.Objects) RequestScope(com.yahoo.elide.core.RequestScope) ForbiddenAccessException(com.yahoo.elide.core.exceptions.ForbiddenAccessException)

Example 2 with ReadPermission

use of com.yahoo.elide.annotation.ReadPermission in project elide by yahoo.

the class CanPaginateVisitorTest method testSparseFields.

/**
 * Checks how the requested sparse field set changes the result of
 * {@code CanPaginateVisitor.canPaginate} for an entity whose class-level and
 * field-level {@code ReadPermission} expressions differ.
 *
 * <p>The expression names are resolved through {@code checkMappings}, which is
 * defined outside this method.
 */
@Test
public void testSparseFields() throws Exception {
    // Class-level permission uses one expression; title and publicationDate override it,
    // while id and outOfPrint carry no field-level ReadPermission of their own.
    @Entity
    @Include(rootLevel = false)
    @ReadPermission(expression = "In Memory Check")
    class Book {

        @Id
        private long id;

        @ReadPermission(expression = "Filter Expression Check")
        private String title;

        @ReadPermission(expression = "Filter Expression Check")
        private Date publicationDate;

        private boolean outOfPrint;
    }

    EntityDictionary entityDictionary = TestDictionary.getTestDictionary(checkMappings);
    entityDictionary.bindEntity(Book.class);
    RequestScope mockedScope = mock(RequestScope.class);

    // Empty sparse field set: pagination is expected to be refused.
    Set<String> requestedFields = new HashSet<>();
    assertFalse(CanPaginateVisitor.canPaginate(ClassType.of(Book.class), entityDictionary, mockedScope, requestedFields));

    // Only the two fields with their own field-level expression: pagination is expected to be allowed.
    requestedFields.add("title");
    requestedFields.add("publicationDate");
    assertTrue(CanPaginateVisitor.canPaginate(ClassType.of(Book.class), entityDictionary, mockedScope, requestedFields));

    // Adding a field without a field-level expression is expected to turn pagination off again.
    requestedFields.add("outOfPrint");
    assertFalse(CanPaginateVisitor.canPaginate(ClassType.of(Book.class), entityDictionary, mockedScope, requestedFields));
}
Also used : Entity(javax.persistence.Entity) Include(com.yahoo.elide.annotation.Include) ReadPermission(com.yahoo.elide.annotation.ReadPermission) EntityDictionary(com.yahoo.elide.core.dictionary.EntityDictionary) RequestScope(com.yahoo.elide.core.RequestScope) Date(java.util.Date) HashSet(java.util.HashSet) Test(org.junit.jupiter.api.Test)

Example 3 with ReadPermission

use of com.yahoo.elide.annotation.ReadPermission in project elide by yahoo.

the class CanPaginateVisitorTest method testMultipleFieldsPagination.

/**
 * Checks that {@code CanPaginateVisitor.canPaginate} allows pagination, with an
 * empty sparse field set, for an entity whose only non-id fields each declare
 * their own field-level {@code ReadPermission} expression.
 *
 * <p>The expression names are resolved through {@code checkMappings}, which is
 * defined outside this method.
 */
@Test
public void testMultipleFieldsPagination() throws Exception {
    // Both non-id fields override the class-level expression with the same field-level one.
    @Entity
    @Include(rootLevel = false)
    @ReadPermission(expression = "In Memory Check")
    class Book {

        @Id
        private long id;

        @ReadPermission(expression = "Filter Expression Check")
        private String title;

        @ReadPermission(expression = "Filter Expression Check")
        private Date publicationDate;
    }

    EntityDictionary entityDictionary = TestDictionary.getTestDictionary(checkMappings);
    entityDictionary.bindEntity(Book.class);
    RequestScope mockedScope = mock(RequestScope.class);

    // No sparse fields requested.
    assertTrue(CanPaginateVisitor.canPaginate(ClassType.of(Book.class), entityDictionary, mockedScope, new HashSet<>()));
}
Also used : Entity(javax.persistence.Entity) Include(com.yahoo.elide.annotation.Include) ReadPermission(com.yahoo.elide.annotation.ReadPermission) EntityDictionary(com.yahoo.elide.core.dictionary.EntityDictionary) RequestScope(com.yahoo.elide.core.RequestScope) Date(java.util.Date) HashSet(java.util.HashSet) Test(org.junit.jupiter.api.Test)

Example 4 with ReadPermission

use of com.yahoo.elide.annotation.ReadPermission in project elide by yahoo.

the class TableType method buildAnnotations.

/**
 * Builds the annotation instances that describe a configured dimension.
 *
 * <p>Every annotation is an anonymous implementation whose methods read the
 * {@code dimension} when they are called, not when this method runs.
 *
 * @param dimension the configured dimension to describe
 * @return a map from annotation type to the annotation instance for that type
 */
private static Map<Class<? extends Annotation>, Annotation> buildAnnotations(Dimension dimension) {
    Map<Class<? extends Annotation>, Annotation> byType = new HashMap<>();

    // Column metadata, read straight from the dimension's configuration.
    byType.put(ColumnMeta.class, new ColumnMeta() {

        @Override
        public Class<? extends Annotation> annotationType() {
            return ColumnMeta.class;
        }

        @Override
        public String friendlyName() {
            return dimension.getFriendlyName();
        }

        @Override
        public String description() {
            return dimension.getDescription();
        }

        @Override
        public String category() {
            return dimension.getCategory();
        }

        @Override
        public TableSource tableSource() {
            return buildTableSource(dimension.getTableSource());
        }

        @Override
        public String[] tags() {
            return dimension.getTags().toArray(new String[0]);
        }

        @Override
        public String[] values() {
            return dimension.getValues().toArray(new String[0]);
        }

        @Override
        public boolean isHidden() {
            // A missing (null) hidden flag counts as "not hidden".
            return Boolean.TRUE.equals(dimension.getHidden());
        }

        @Override
        public String filterTemplate() {
            return dimension.getFilterTemplate();
        }

        @Override
        public CardinalitySize size() {
            // Null or empty cardinality maps to UNKNOWN; any other value must name a CardinalitySize.
            if (dimension.getCardinality() != null && !dimension.getCardinality().isEmpty()) {
                return CardinalitySize.valueOf(dimension.getCardinality().toUpperCase(Locale.ENGLISH));
            }
            return CardinalitySize.UNKNOWN;
        }
    });

    // The dimension's formula: its definition after trimColumnReferences, plus its arguments.
    byType.put(DimensionFormula.class, new DimensionFormula() {

        @Override
        public ArgumentDefinition[] arguments() {
            return getArgumentDefinitions(dimension.getArguments());
        }

        @Override
        public Class<? extends Annotation> annotationType() {
            return DimensionFormula.class;
        }

        @Override
        public String value() {
            return trimColumnReferences(dimension.getDefinition());
        }
    });

    // A ReadPermission is attached only when the configuration supplies a non-empty readAccess;
    // otherwise the map carries no ReadPermission entry for this dimension at all.
    String readAccess = dimension.getReadAccess();
    if (!StringUtils.isEmpty(readAccess)) {
        byType.put(ReadPermission.class, new ReadPermission() {

            @Override
            public Class<? extends Annotation> annotationType() {
                return ReadPermission.class;
            }

            @Override
            public String expression() {
                return readAccess;
            }
        });
    }

    if (dimension.getType().toUpperCase(Locale.ROOT).equals(ENUM_ORDINAL)) {
        byType.put(Enumerated.class, getEnumeratedAnnotation(EnumType.ORDINAL));
    }

    if (dimension.getType().toUpperCase(Locale.ROOT).equals(TIME)) {
        byType.put(Temporal.class, new Temporal() {

            @Override
            public Class<? extends Annotation> annotationType() {
                return Temporal.class;
            }

            @Override
            public TimeGrainDefinition[] grains() {
                // A null grain list yields an empty array.
                int count = 0;
                if (dimension.getGrains() != null) {
                    count = dimension.getGrains().size();
                }
                TimeGrainDefinition[] grainDefinitions = new TimeGrainDefinition[count];
                for (int i = 0; i < count; i++) {
                    Grain current = dimension.getGrains().get(i);
                    grainDefinitions[i] = new TimeGrainDefinition() {

                        @Override
                        public Class<? extends Annotation> annotationType() {
                            return TimeGrainDefinition.class;
                        }

                        @Override
                        public TimeGrain grain() {
                            // A grain without a type defaults to DAY.
                            return current.getType() == null
                                    ? TimeGrain.DAY
                                    : TimeGrain.valueOf(current.getType().name());
                        }

                        @Override
                        public String expression() {
                            // Without configured SQL, fall back to the column-expression placeholder.
                            return StringUtils.isEmpty(current.getSql())
                                    ? "{{$$column.expr}}"
                                    : current.getSql();
                        }
                    };
                }
                return grainDefinitions;
            }

            @Override
            public String timeZone() {
                return "UTC";
            }
        });
    }
    return byType;
}
Also used : CardinalitySize(com.yahoo.elide.datastores.aggregation.annotation.CardinalitySize) HashMap(java.util.HashMap) Grain(com.yahoo.elide.modelconfig.model.Grain) TimeGrain(com.yahoo.elide.datastores.aggregation.metadata.enums.TimeGrain) Annotation(java.lang.annotation.Annotation) TableSource(com.yahoo.elide.datastores.aggregation.annotation.TableSource) ColumnMeta(com.yahoo.elide.datastores.aggregation.annotation.ColumnMeta) DimensionFormula(com.yahoo.elide.datastores.aggregation.annotation.DimensionFormula) Temporal(com.yahoo.elide.datastores.aggregation.annotation.Temporal) ReadPermission(com.yahoo.elide.annotation.ReadPermission) TimeGrainDefinition(com.yahoo.elide.datastores.aggregation.annotation.TimeGrainDefinition)

Example 5 with ReadPermission

use of com.yahoo.elide.annotation.ReadPermission in project elide by yahoo.

the class TableType method buildAnnotations.

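/**
 * Builds the annotation instances that describe a configured measure.
 *
 * <p>Every annotation is an anonymous implementation whose methods read the
 * {@code measure} when they are called, not when this method runs.
 *
 * @param measure the configured measure to describe
 * @return a map from annotation type to the annotation instance for that type
 */
private static Map<Class<? extends Annotation>, Annotation> buildAnnotations(Measure measure) {
    Map<Class<? extends Annotation>, Annotation> annotations = new HashMap<>();
    annotations.put(ColumnMeta.class, new ColumnMeta() {

        @Override
        public Class<? extends Annotation> annotationType() {
            return ColumnMeta.class;
        }

        @Override
        public String friendlyName() {
            return measure.getFriendlyName();
        }

        @Override
        public String description() {
            return measure.getDescription();
        }

        @Override
        public String category() {
            return measure.getCategory();
        }

        @Override
        public TableSource tableSource() {
            // Measures pass null here, unlike dimensions, which pass their configured table source.
            return buildTableSource(null);
        }

        @Override
        public String[] tags() {
            return measure.getTags().toArray(new String[0]);
        }

        @Override
        public String[] values() {
            return new String[0];
        }

        @Override
        public boolean isHidden() {
            // A missing (null) hidden flag counts as "not hidden".
            return measure.getHidden() != null && measure.getHidden();
        }

        @Override
        public String filterTemplate() {
            return measure.getFilterTemplate();
        }

        @Override
        public CardinalitySize size() {
            return CardinalitySize.UNKNOWN;
        }
    });
    annotations.put(MetricFormula.class, new MetricFormula() {

        @Override
        public ArgumentDefinition[] arguments() {
            return getArgumentDefinitions(measure.getArguments());
        }

        @Override
        public Class<? extends Annotation> annotationType() {
            return MetricFormula.class;
        }

        @Override
        public String value() {
            // A measure without a definition yields an empty formula.
            if (measure.getDefinition() != null) {
                return trimColumnReferences(measure.getDefinition());
            } else {
                return "";
            }
        }

        @Override
        public Class<? extends MetricProjectionMaker> maker() {
            String makerName = measure.getMaker();
            if (makerName == null || makerName.isEmpty()) {
                return DefaultMetricProjectionMaker.class;
            }
            try {
                // Class.forName loads and initializes whatever class the configuration names.
                // asSubclass verifies the type here, so a class that is not a MetricProjectionMaker
                // is rejected at this point rather than returned through an unchecked cast.
                return Class.forName(makerName).asSubclass(MetricProjectionMaker.class);
            } catch (ClassNotFoundException e) {
                throw new IllegalStateException(e);
            } catch (ClassCastException e) {
                throw new IllegalStateException(
                        "Configured maker " + makerName + " is not a MetricProjectionMaker", e);
            }
        }
    });
    // A ReadPermission is attached only when the configuration supplies a non-empty readAccess;
    // otherwise the map carries no ReadPermission entry for this measure at all.
    String readPermission = measure.getReadAccess();
    if (StringUtils.isNotEmpty(readPermission)) {
        annotations.put(ReadPermission.class, new ReadPermission() {

            @Override
            public Class<? extends Annotation> annotationType() {
                return ReadPermission.class;
            }

            @Override
            public String expression() {
                return readPermission;
            }
        });
    }
    return annotations;
}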
Also used : CardinalitySize(com.yahoo.elide.datastores.aggregation.annotation.CardinalitySize) MetricFormula(com.yahoo.elide.datastores.aggregation.annotation.MetricFormula) MetricProjectionMaker(com.yahoo.elide.datastores.aggregation.query.MetricProjectionMaker) DefaultMetricProjectionMaker(com.yahoo.elide.datastores.aggregation.query.DefaultMetricProjectionMaker) HashMap(java.util.HashMap) Annotation(java.lang.annotation.Annotation) TableSource(com.yahoo.elide.datastores.aggregation.annotation.TableSource) ColumnMeta(com.yahoo.elide.datastores.aggregation.annotation.ColumnMeta) ReadPermission(com.yahoo.elide.annotation.ReadPermission)

Aggregations

ReadPermission (com.yahoo.elide.annotation.ReadPermission)21 Test (org.junit.jupiter.api.Test)15 Include (com.yahoo.elide.annotation.Include)11 HashSet (java.util.HashSet)10 Entity (javax.persistence.Entity)8 RequestScope (com.yahoo.elide.core.RequestScope)6 PersistentResource (com.yahoo.elide.core.PersistentResource)5 EntityDictionary (com.yahoo.elide.core.dictionary.EntityDictionary)5 ColumnMeta (com.yahoo.elide.datastores.aggregation.annotation.ColumnMeta)5 FromTable (com.yahoo.elide.datastores.aggregation.queryengines.sql.annotation.FromTable)5 Annotation (java.lang.annotation.Annotation)5 Table (com.yahoo.elide.modelconfig.model.Table)4 HashMap (java.util.HashMap)4 FilterExpression (com.yahoo.elide.core.filter.expression.FilterExpression)3 Field (com.yahoo.elide.core.type.Field)3 CardinalitySize (com.yahoo.elide.datastores.aggregation.annotation.CardinalitySize)3 DimensionFormula (com.yahoo.elide.datastores.aggregation.annotation.DimensionFormula)3 ApiVersion (com.yahoo.elide.annotation.ApiVersion)2 PathElement (com.yahoo.elide.core.Path.PathElement)2 ForbiddenAccessException (com.yahoo.elide.core.exceptions.ForbiddenAccessException)2