Examples with OrExpression com.yahoo.elide.core.security.permissions.expressions.OrExpression used on opensource projects

Example 1 with OrExpression

use of com.yahoo.elide.core.security.permissions.expressions.OrExpression in project elide by yahoo.

the class PermissionExpressionBuilder method buildAnyFieldExpression.

/**
 * Build an expression representing any field on an entity.
 *
 * @param condition       The condition which triggered this permission expression check
 * @param checkFn         check function
 * @param scope           RequestScope
 * @param requestedFields The list of requested fields
 * @return Expressions
 */
private Expression buildAnyFieldExpression(final PermissionCondition condition, final Function<Check, Expression> checkFn, final Set<String> requestedFields, final RequestScope scope) {
    Type<?> resourceClass = condition.getEntityClass();
    Class<? extends Annotation> annotationClass = condition.getPermission();
    ParseTree classPermissions = entityDictionary.getPermissionsForClass(resourceClass, annotationClass);
    Expression entityExpression = normalizedExpressionFromParseTree(classPermissions, checkFn);
    OrExpression allFieldsExpression = new OrExpression(FAILURE, null);
    List<String> fields = entityDictionary.getAllExposedFields(resourceClass);
    boolean entityExpressionUsed = false;
    boolean fieldExpressionUsed = false;
    for (String field : fields) {
        if (requestedFields != null && !requestedFields.contains(field)) {
            continue;
        }
        ParseTree fieldPermissions = entityDictionary.getPermissionsForField(resourceClass, field, annotationClass);
        Expression fieldExpression = normalizedExpressionFromParseTree(fieldPermissions, checkFn);
        if (fieldExpression == null) {
            if (entityExpressionUsed) {
                continue;
            }
            if (entityExpression == null) {
                // One field had no permissions set - so we allow the action.
                return SUCCESSFUL_EXPRESSION;
            }
            fieldExpression = entityExpression;
            entityExpressionUsed = true;
        } else {
            fieldExpressionUsed = true;
        }
        allFieldsExpression = new OrExpression(allFieldsExpression, fieldExpression);
    }
    if (!fieldExpressionUsed) {
        // If there are no permissions, allow access...
        if (entityExpression == null) {
            return SUCCESSFUL_EXPRESSION;
        }
        return new AnyFieldExpression(condition, entityExpression);
    }
    return new AnyFieldExpression(condition, allFieldsExpression);
}

Example 2 with OrExpression

use of com.yahoo.elide.core.security.permissions.expressions.OrExpression in project elide by yahoo.

the class PermissionExpressionNormalizationVisitor method visitNotExpression.

@Override
public Expression visitNotExpression(NotExpression notExpression) {
    Expression inner = notExpression.getLogical();
    if (inner instanceof AndExpression) {
        AndExpression and = (AndExpression) inner;
        Expression left = new NotExpression(and.getLeft()).accept(this);
        Expression right = new NotExpression(and.getRight()).accept(this);
        return new OrExpression(left, right);
    }
    if (inner instanceof OrExpression) {
        OrExpression or = (OrExpression) inner;
        Expression left = new NotExpression(or.getLeft()).accept(this);
        Expression right = new NotExpression(or.getRight()).accept(this);
        return new AndExpression(left, right);
    }
    if (inner instanceof NotExpression) {
        NotExpression not = (NotExpression) inner;
        return (not.getLogical()).accept(this);
    }
    return notExpression;
}

Example 3 with OrExpression

use of com.yahoo.elide.core.security.permissions.expressions.OrExpression in project elide by yahoo.

the class PermissionExpressionNormalizationVisitor method visitOrExpression.

@Override
public Expression visitOrExpression(OrExpression orExpression) {
    Expression left = orExpression.getLeft();
    Expression right = orExpression.getRight();
    return new OrExpression(left.accept(this), right.accept(this));
}

Example 4 with OrExpression

use of com.yahoo.elide.core.security.permissions.expressions.OrExpression in project elide by yahoo.

the class PermissionExpressionBuilder method buildAnyFieldOnlyExpression.

/**
 * Builds disjunction of permission expression of all requested fields.
 * If the field permission is null, then return default SUCCESSFUL_EXPRESSION.
 * expression = (field1Rule OR field2Rule ... OR fieldNRule)
 * @param condition The condition which triggered this permission expression check
 * @param checkFn check function
 * @param requestedFields The list of requested fields
 * @return Expression
 */
private Expression buildAnyFieldOnlyExpression(final PermissionCondition condition, final Function<Check, Expression> checkFn, final Set<String> requestedFields) {
    Type<?> resourceClass = condition.getEntityClass();
    Class<? extends Annotation> annotationClass = condition.getPermission();
    OrExpression allFieldsExpression = new OrExpression(FAILURE, null);
    List<String> fields = entityDictionary.getAllExposedFields(resourceClass);
    boolean fieldExpressionUsed = false;
    for (String field : fields) {
        if (requestedFields != null && !requestedFields.contains(field)) {
            continue;
        }
        ParseTree fieldPermissions = entityDictionary.getPermissionsForField(resourceClass, field, annotationClass);
        Expression fieldExpression = normalizedExpressionFromParseTree(fieldPermissions, checkFn);
        if (fieldExpression == null) {
            return SUCCESSFUL_EXPRESSION;
        }
        fieldExpressionUsed = true;
        allFieldsExpression = new OrExpression(allFieldsExpression, fieldExpression);
    }
    if (!fieldExpressionUsed) {
        return SUCCESSFUL_EXPRESSION;
    }
    return new AnyFieldExpression(condition, allFieldsExpression);
}