Example 26 with ApiQuery

Use of io.gravitee.rest.api.model.api.ApiQuery in project gravitee-management-rest-api by gravitee-io.

The class TaskServiceImpl, method getApisForAPermission.

private Set<String> getApisForAPermission(final String userId, final String permission) throws TechnicalException {
    // 1. find apis and group memberships
    Set<MembershipEntity> memberships = membershipService.getMembershipsByMemberAndReference(MembershipMemberType.USER, userId, io.gravitee.rest.api.model.MembershipReferenceType.API);
    memberships.addAll(membershipService.getMembershipsByMemberAndReference(MembershipMemberType.USER, userId, io.gravitee.rest.api.model.MembershipReferenceType.GROUP));
    Map<String, RoleEntity> roleNameToEntity = new HashMap<>();
    Set<String> apiIds = new HashSet<>();
    List<String> groupIds = new ArrayList<>();
    for (MembershipEntity membership : memberships) {
        // 2. get the API role of each membership, looking up each roleEntity only once
        RoleEntity roleEntity = roleNameToEntity.get(membership.getRoleId());
        if (roleEntity == null && !roleNameToEntity.containsKey(membership.getRoleId())) {
            RoleEntity role = roleService.findById(membership.getRoleId());
            if (role.getScope() == RoleScope.API) {
                roleNameToEntity.put(role.getId(), role);
                roleEntity = role;
            }
        }
        if (roleEntity != null) {
            // 3. keep the apiId or groupId only if the role grants the update ('U') right on the given permission
            final char[] rights = roleEntity.getPermissions().get(permission);
            if (rights != null) {
                for (char c : rights) {
                    if (c == 'U') {
                        switch(membership.getReferenceType()) {
                            case GROUP:
                                groupIds.add(membership.getReferenceId());
                                break;
                            case API:
                                apiIds.add(membership.getReferenceId());
                                break;
                            default:
                                break;
                        }
                    }
                }
            }
        }
    }
    // 4. add the apiIds that come from group memberships
    if (!groupIds.isEmpty()) {
        ApiQuery apiQuery = new ApiQuery();
        apiQuery.setGroups(groupIds);
        apiIds.addAll(apiService.searchIds(apiQuery));
    }
    return apiIds;
}
Also used: ApiQuery (io.gravitee.rest.api.model.api.ApiQuery)

Aggregations

ApiQuery (io.gravitee.rest.api.model.api.ApiQuery) 26
ApiEntity (io.gravitee.rest.api.model.api.ApiEntity) 19
ApiNotFoundException (io.gravitee.rest.api.service.exceptions.ApiNotFoundException) 17
RequirePortalAuth (io.gravitee.rest.api.portal.rest.security.RequirePortalAuth) 8
Produces (javax.ws.rs.Produces) 7
Response (javax.ws.rs.core.Response) 7
RatingEntity (io.gravitee.rest.api.model.RatingEntity) 6
Collectors (java.util.stream.Collectors) 6
Inject (javax.inject.Inject) 6
MediaType (io.gravitee.common.http.MediaType) 5
Permissions (io.gravitee.rest.api.portal.rest.security.Permissions) 5
GET (javax.ws.rs.GET) 5
RatingNotFoundException (io.gravitee.rest.api.service.exceptions.RatingNotFoundException) 4
Collections (java.util.Collections) 4
PaginationParam (io.gravitee.rest.api.portal.rest.resource.param.PaginationParam) 3
java.util (java.util) 3
List (java.util.List) 3
Context (javax.ws.rs.core.Context) 3
TechnicalException (io.gravitee.repository.exceptions.TechnicalException) 2
NewRatingEntity (io.gravitee.rest.api.model.NewRatingEntity) 2