Search in sources :

Example 1 with ApiNotFoundException

use of io.gravitee.management.service.exceptions.ApiNotFoundException in project gravitee-management-rest-api by gravitee-io.

the class PermissionServiceImpl method hasPermission.

@Override
public boolean hasPermission(RolePermission permission, String referenceId, RolePermissionAction... acls) {
    Optional<String> optionalReferenceId = Optional.ofNullable(referenceId);
    MembershipReferenceType membershipReferenceType;
    MembershipReferenceType groupMembershipReferenceType = null;
    io.gravitee.repository.management.model.RoleScope repoRoleScope;
    switch(permission.getScope()) {
        case MANAGEMENT:
            membershipReferenceType = MembershipReferenceType.MANAGEMENT;
            repoRoleScope = io.gravitee.repository.management.model.RoleScope.MANAGEMENT;
            break;
        case PORTAL:
            membershipReferenceType = MembershipReferenceType.PORTAL;
            repoRoleScope = io.gravitee.repository.management.model.RoleScope.PORTAL;
            break;
        case API:
            membershipReferenceType = MembershipReferenceType.API;
            groupMembershipReferenceType = MembershipReferenceType.GROUP;
            repoRoleScope = io.gravitee.repository.management.model.RoleScope.API;
            break;
        case APPLICATION:
            membershipReferenceType = MembershipReferenceType.APPLICATION;
            groupMembershipReferenceType = MembershipReferenceType.GROUP;
            repoRoleScope = io.gravitee.repository.management.model.RoleScope.APPLICATION;
            break;
        default:
            membershipReferenceType = null;
            repoRoleScope = null;
    }
    Set<RoleEntity> roles = Collections.emptySet();
    RoleEntity firstDegreeRole = membershipService.getRole(membershipReferenceType, optionalReferenceId.orElse(MembershipDefaultReferenceId.DEFAULT.name()), getAuthenticatedUsername(), repoRoleScope);
    if (firstDegreeRole != null) {
        roles = Collections.singleton(firstDegreeRole);
    } else if (groupMembershipReferenceType != null) {
        Set<String> groups = null;
        if (MembershipReferenceType.GROUP.equals(groupMembershipReferenceType)) {
            try {
                groups = apiService.findById(referenceId).getGroups();
            } catch (ApiNotFoundException ane) {
                groups = applicationService.findById(referenceId).getGroups();
            }
        }
        if (groups != null && !groups.isEmpty()) {
            roles = membershipService.getRoles(groupMembershipReferenceType, groups, getAuthenticatedUsername(), repoRoleScope);
        }
    }
    for (RoleEntity roleEntity : roles) {
        if (roleService.hasPermission(roleEntity.getPermissions(), permission.getPermission(), acls)) {
            return true;
        }
    }
    return false;
}
Also used : RoleEntity(io.gravitee.management.model.RoleEntity) Set(java.util.Set) ApiNotFoundException(io.gravitee.management.service.exceptions.ApiNotFoundException) MembershipReferenceType(io.gravitee.repository.management.model.MembershipReferenceType)

Aggregations

RoleEntity (io.gravitee.management.model.RoleEntity)1 ApiNotFoundException (io.gravitee.management.service.exceptions.ApiNotFoundException)1 MembershipReferenceType (io.gravitee.repository.management.model.MembershipReferenceType)1 Set (java.util.Set)1