use of io.gravitee.repository.management.model.MembershipReferenceType in project gravitee-management-rest-api by gravitee-io.
the class MembershipServiceImpl method createAuditLog.
private void createAuditLog(Audit.AuditEvent event, Date date, Membership oldValue, Membership newValue) {
MembershipReferenceType referenceType = oldValue != null ? oldValue.getReferenceType() : newValue.getReferenceType();
String referenceId = oldValue != null ? oldValue.getReferenceId() : newValue.getReferenceId();
String username = oldValue != null ? oldValue.getUserId() : newValue.getUserId();
Map<Audit.AuditProperties, String> properties = new HashMap<>();
properties.put(Audit.AuditProperties.USER, username);
switch(referenceType) {
case API:
auditService.createApiAuditLog(referenceId, properties, event, date, oldValue, newValue);
break;
case APPLICATION:
auditService.createApplicationAuditLog(referenceId, properties, event, date, oldValue, newValue);
break;
case GROUP:
properties.put(Audit.AuditProperties.GROUP, referenceId);
auditService.createPortalAuditLog(properties, event, date, oldValue, newValue);
break;
default:
auditService.createPortalAuditLog(properties, event, date, oldValue, newValue);
break;
}
}
use of io.gravitee.repository.management.model.MembershipReferenceType in project gravitee-management-rest-api by gravitee-io.
the class PermissionServiceImpl method hasPermission.
@Override
public boolean hasPermission(RolePermission permission, String referenceId, RolePermissionAction... acls) {
Optional<String> optionalReferenceId = Optional.ofNullable(referenceId);
MembershipReferenceType membershipReferenceType;
MembershipReferenceType groupMembershipReferenceType = null;
io.gravitee.repository.management.model.RoleScope repoRoleScope;
switch(permission.getScope()) {
case MANAGEMENT:
membershipReferenceType = MembershipReferenceType.MANAGEMENT;
repoRoleScope = io.gravitee.repository.management.model.RoleScope.MANAGEMENT;
break;
case PORTAL:
membershipReferenceType = MembershipReferenceType.PORTAL;
repoRoleScope = io.gravitee.repository.management.model.RoleScope.PORTAL;
break;
case API:
membershipReferenceType = MembershipReferenceType.API;
groupMembershipReferenceType = MembershipReferenceType.GROUP;
repoRoleScope = io.gravitee.repository.management.model.RoleScope.API;
break;
case APPLICATION:
membershipReferenceType = MembershipReferenceType.APPLICATION;
groupMembershipReferenceType = MembershipReferenceType.GROUP;
repoRoleScope = io.gravitee.repository.management.model.RoleScope.APPLICATION;
break;
default:
membershipReferenceType = null;
repoRoleScope = null;
}
Set<RoleEntity> roles = Collections.emptySet();
RoleEntity firstDegreeRole = membershipService.getRole(membershipReferenceType, optionalReferenceId.orElse(MembershipDefaultReferenceId.DEFAULT.name()), getAuthenticatedUsername(), repoRoleScope);
if (firstDegreeRole != null) {
roles = Collections.singleton(firstDegreeRole);
} else if (groupMembershipReferenceType != null) {
Set<String> groups = null;
if (MembershipReferenceType.GROUP.equals(groupMembershipReferenceType)) {
try {
groups = apiService.findById(referenceId).getGroups();
} catch (ApiNotFoundException ane) {
groups = applicationService.findById(referenceId).getGroups();
}
}
if (groups != null && !groups.isEmpty()) {
roles = membershipService.getRoles(groupMembershipReferenceType, groups, getAuthenticatedUsername(), repoRoleScope);
}
}
for (RoleEntity roleEntity : roles) {
if (roleService.hasPermission(roleEntity.getPermissions(), permission.getPermission(), acls)) {
return true;
}
}
return false;
}
Aggregations