
Example 1 with MembershipReferenceType

use of io.gravitee.repository.management.model.MembershipReferenceType in project gravitee-management-rest-api by gravitee-io.

the class MembershipServiceImpl method createAuditLog.

/**
 * Writes one audit entry for a membership change, choosing the audit log by the
 * membership's reference type.
 *
 * <p>The reference type, reference id and user id are taken from {@code oldValue} when it is
 * non-null and from {@code newValue} otherwise. Passing {@code null} for both therefore fails
 * with a {@link NullPointerException} before anything is written.
 *
 * <p>The user id is always stored under {@code Audit.AuditProperties.USER}. API and
 * APPLICATION memberships are logged against their reference id; GROUP memberships add the
 * reference id under {@code Audit.AuditProperties.GROUP} and go to the portal audit log; every
 * other reference type goes to the portal audit log with the USER property only.
 *
 * @param event    the audit event being recorded
 * @param date     the timestamp passed to the audit service
 * @param oldValue the membership before the change, or {@code null}
 * @param newValue the membership after the change, or {@code null}
 */
private void createAuditLog(Audit.AuditEvent event, Date date, Membership oldValue, Membership newValue) {
    // Identifying fields come from the previous state when there is one, else from the new state.
    final Membership subject = oldValue != null ? oldValue : newValue;
    final MembershipReferenceType referenceType = subject.getReferenceType();
    final String referenceId = subject.getReferenceId();
    final String userId = subject.getUserId();

    final Map<Audit.AuditProperties, String> auditProperties = new HashMap<>();
    auditProperties.put(Audit.AuditProperties.USER, userId);

    switch (referenceType) {
        case API:
            auditService.createApiAuditLog(referenceId, auditProperties, event, date, oldValue, newValue);
            return;
        case APPLICATION:
            auditService.createApplicationAuditLog(referenceId, auditProperties, event, date, oldValue, newValue);
            return;
        case GROUP:
            // Group changes are portal-level events, so the group id travels as a property.
            auditProperties.put(Audit.AuditProperties.GROUP, referenceId);
            break;
        default:
            // NOTE(review): for the remaining reference types the reference id is not recorded
            // in the audit properties; confirm that is sufficient for tracing the change.
            break;
    }
    auditService.createPortalAuditLog(auditProperties, event, date, oldValue, newValue);
}
Also used : MembershipReferenceType(io.gravitee.repository.management.model.MembershipReferenceType)

Example 2 with MembershipReferenceType

use of io.gravitee.repository.management.model.MembershipReferenceType in project gravitee-management-rest-api by gravitee-io.

the class PermissionServiceImpl method hasPermission.

/**
 * Checks whether the authenticated user holds {@code permission} on the referenced entity.
 *
 * <p>The user's direct role for the permission's scope is looked up first. Only when no direct
 * role exists, and the scope is API or APPLICATION, are the roles granted through the entity's
 * groups considered. The final decision for each candidate role is delegated to
 * {@code roleService.hasPermission}; the method returns {@code true} as soon as one role
 * qualifies and {@code false} when none does.
 *
 * @param permission  the permission to check; its scope selects the membership type
 * @param referenceId id of the entity the permission applies to, or {@code null} to use
 *                    {@code MembershipDefaultReferenceId.DEFAULT} for the direct-role lookup
 * @param acls        the actions forwarded to {@code roleService.hasPermission}
 * @return {@code true} if a direct or group-derived role grants the permission
 */
@Override
public boolean hasPermission(RolePermission permission, String referenceId, RolePermissionAction... acls) {
    MembershipReferenceType directType = null;
    io.gravitee.repository.management.model.RoleScope repoScope = null;
    // Only API and APPLICATION scopes can inherit roles through group membership.
    boolean groupRolesApply = false;

    switch (permission.getScope()) {
        case MANAGEMENT:
            directType = MembershipReferenceType.MANAGEMENT;
            repoScope = io.gravitee.repository.management.model.RoleScope.MANAGEMENT;
            break;
        case PORTAL:
            directType = MembershipReferenceType.PORTAL;
            repoScope = io.gravitee.repository.management.model.RoleScope.PORTAL;
            break;
        case API:
            directType = MembershipReferenceType.API;
            repoScope = io.gravitee.repository.management.model.RoleScope.API;
            groupRolesApply = true;
            break;
        case APPLICATION:
            directType = MembershipReferenceType.APPLICATION;
            repoScope = io.gravitee.repository.management.model.RoleScope.APPLICATION;
            groupRolesApply = true;
            break;
        default:
            // NOTE(review): an unmapped scope reaches getRole with a null type and a null
            // scope; confirm the membership service denies (or rejects) rather than matching.
            break;
    }

    final String lookupId = Optional.ofNullable(referenceId).orElse(MembershipDefaultReferenceId.DEFAULT.name());
    final RoleEntity directRole = membershipService.getRole(directType, lookupId, getAuthenticatedUsername(), repoScope);

    final Set<RoleEntity> candidateRoles;
    if (directRole != null) {
        // A direct role takes precedence; group roles are not merged in.
        candidateRoles = Collections.singleton(directRole);
    } else if (!groupRolesApply) {
        candidateRoles = Collections.emptySet();
    } else {
        // NOTE(review): the group lookup ignores the permission scope. It asks the API service
        // first and falls back to the application service for both API and APPLICATION scopes,
        // so the groups consulted belong to whichever entity kind matches the id first.
        // It also receives the raw referenceId, which may be null here. Consider resolving
        // groups by scope so an id of one kind can never authorize the other.
        Set<String> groupIds;
        try {
            groupIds = apiService.findById(referenceId).getGroups();
        } catch (ApiNotFoundException notAnApi) {
            groupIds = applicationService.findById(referenceId).getGroups();
        }

        if (groupIds == null || groupIds.isEmpty()) {
            candidateRoles = Collections.emptySet();
        } else {
            candidateRoles = membershipService.getRoles(MembershipReferenceType.GROUP, groupIds, getAuthenticatedUsername(), repoScope);
        }
    }

    // Deny by default: access is granted only when some candidate role carries the permission.
    return candidateRoles.stream()
        .anyMatch(role -> roleService.hasPermission(role.getPermissions(), permission.getPermission(), acls));
}
Also used : RoleEntity(io.gravitee.management.model.RoleEntity) Set(java.util.Set) ApiNotFoundException(io.gravitee.management.service.exceptions.ApiNotFoundException) MembershipReferenceType(io.gravitee.repository.management.model.MembershipReferenceType)

Aggregations

MembershipReferenceType (io.gravitee.repository.management.model.MembershipReferenceType)2 RoleEntity (io.gravitee.management.model.RoleEntity)1 ApiNotFoundException (io.gravitee.management.service.exceptions.ApiNotFoundException)1 Set (java.util.Set)1