Search in sources :

Example 1 with GroupPermission

use of eu.bcvsolutions.idm.core.security.api.domain.GroupPermission in project CzechIdMng by bcvsolutions.

the class IdmAuthorityHierarchy method getReachableGrantedAuthorities.

@Override
public Collection<? extends GrantedAuthority> getReachableGrantedAuthorities(Collection<? extends GrantedAuthority> authorities) {
    if (authorities == null || authorities.isEmpty()) {
        return AuthorityUtils.NO_AUTHORITIES;
    }
    // 
    Set<GrantedAuthority> reachableRoles = new HashSet<GrantedAuthority>();
    for (GrantedAuthority grantedAuthority : authorities) {
        String authority = grantedAuthority.getAuthority();
        // 
        if (authority.equals(IdmGroupPermission.APP_ADMIN)) {
            // super admin has all available authorities
            return IdmAuthorityUtils.toAuthorities(moduleService.getAvailablePermissions());
        }
        reachableRoles.add(grantedAuthority);
        if (authority.endsWith(ADMIN_SUFFIX)) {
            String groupName = getGroupName(authority);
            for (GroupPermission groupPermission : moduleService.getAvailablePermissions()) {
                if (groupPermission.getName().equals(groupName)) {
                    reachableRoles.addAll(IdmAuthorityUtils.toAuthorities(groupPermission));
                    break;
                }
            }
        }
    }
    return Collections.unmodifiableCollection(reachableRoles);
}
Also used : GrantedAuthority(org.springframework.security.core.GrantedAuthority) GroupPermission(eu.bcvsolutions.idm.core.security.api.domain.GroupPermission) IdmGroupPermission(eu.bcvsolutions.idm.core.security.api.domain.IdmGroupPermission) HashSet(java.util.HashSet)

Example 2 with GroupPermission

use of eu.bcvsolutions.idm.core.security.api.domain.GroupPermission in project CzechIdMng by bcvsolutions.

the class IdmAuthorityUtils method toAuthorities.

/**
 * Returns all authorities from given groupPermissions
 *
 * @param groupPermissions
 * @return
 */
public static List<GrantedAuthority> toAuthorities(GroupPermission... groupPermissions) {
    Assert.notNull(groupPermissions);
    // 
    Set<GrantedAuthority> authorities = new HashSet<>();
    for (GroupPermission groupPermission : groupPermissions) {
        groupPermission.getPermissions().forEach(basePermission -> {
            authorities.add(new DefaultGrantedAuthority(groupPermission, basePermission));
        });
    }
    return new ArrayList<>(authorities);
}
Also used : DefaultGrantedAuthority(eu.bcvsolutions.idm.core.security.api.domain.DefaultGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList) GroupPermission(eu.bcvsolutions.idm.core.security.api.domain.GroupPermission) IdmGroupPermission(eu.bcvsolutions.idm.core.security.api.domain.IdmGroupPermission) DefaultGrantedAuthority(eu.bcvsolutions.idm.core.security.api.domain.DefaultGrantedAuthority) HashSet(java.util.HashSet)

Aggregations

GroupPermission (eu.bcvsolutions.idm.core.security.api.domain.GroupPermission)2 IdmGroupPermission (eu.bcvsolutions.idm.core.security.api.domain.IdmGroupPermission)2 HashSet (java.util.HashSet)2 GrantedAuthority (org.springframework.security.core.GrantedAuthority)2 DefaultGrantedAuthority (eu.bcvsolutions.idm.core.security.api.domain.DefaultGrantedAuthority)1 ArrayList (java.util.ArrayList)1