use of io.gravitee.rest.api.model.api.ApiQuery in project gravitee-management-rest-api by gravitee-io.
the class TaskServiceImpl method getApisForAPermission.
private Set<String> getApisForAPermission(final String userId, final String permission) throws TechnicalException {
// 1. find apis and group memberships
Set<MembershipEntity> memberships = membershipService.getMembershipsByMemberAndReference(MembershipMemberType.USER, userId, io.gravitee.rest.api.model.MembershipReferenceType.API);
memberships.addAll(membershipService.getMembershipsByMemberAndReference(MembershipMemberType.USER, userId, io.gravitee.rest.api.model.MembershipReferenceType.GROUP));
Map<String, RoleEntity> roleNameToEntity = new HashMap<>();
Set<String> apiIds = new HashSet<>();
List<String> groupIds = new ArrayList<>();
for (MembershipEntity membership : memberships) {
// 2. get API roles in each memberships and search for roleEntity only once
RoleEntity roleEntity = roleNameToEntity.get(membership.getRoleId());
if (roleEntity == null && !roleNameToEntity.containsKey(membership.getRoleId())) {
RoleEntity role = roleService.findById(membership.getRoleId());
if (role.getScope() == RoleScope.API) {
roleNameToEntity.put(role.getId(), role);
roleEntity = role;
}
}
if (roleEntity != null) {
// 3. get apiId or groupId only if the role has a given permission
final char[] rights = roleEntity.getPermissions().get(permission);
if (rights != null) {
for (char c : rights) {
if (c == 'U') {
switch(membership.getReferenceType()) {
case GROUP:
groupIds.add(membership.getReferenceId());
break;
case API:
apiIds.add(membership.getReferenceId());
break;
default:
break;
}
}
}
}
}
}
// 54. add apiId that comes from group
if (!groupIds.isEmpty()) {
ApiQuery apiQuery = new ApiQuery();
apiQuery.setGroups(groupIds);
apiIds.addAll(apiService.searchIds(apiQuery));
}
return apiIds;
}
Aggregations