use of io.jmix.rest.impl.service.filter.data.PermissionsInfo in project jmix by jmix-framework.
the class PermissionsControllerManager method getPermissions.
public PermissionsInfo getPermissions() {
PermissionsInfo permissionsInfo = new PermissionsInfo();
List<String> authorities = currentUserSubstitution.getEffectiveUser().getAuthorities().stream().map(GrantedAuthority::getAuthority).filter(Objects::nonNull).collect(Collectors.toList());
permissionsInfo.setAuthorities(authorities);
List<ShortPermissionInfo> entityPermissions = new ArrayList<>();
List<ShortPermissionInfo> entityAttributePermissions = new ArrayList<>();
permissionsInfo.setEntities(entityPermissions);
permissionsInfo.setEntityAttributes(entityAttributePermissions);
for (MetaClass metaClass : metadata.getSession().getClasses()) {
CrudEntityContext entityContext = new CrudEntityContext(metaClass);
accessManager.applyRegisteredConstraints(entityContext);
if (entityContext.isCreatePermitted()) {
entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "create"), ALLOWED_CRUD_PERMISSION));
}
if (entityContext.isReadPermitted()) {
entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "read"), ALLOWED_CRUD_PERMISSION));
}
if (entityContext.isUpdatePermitted()) {
entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "update"), ALLOWED_CRUD_PERMISSION));
}
if (entityContext.isDeletePermitted()) {
entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "delete"), ALLOWED_CRUD_PERMISSION));
}
for (MetaProperty metaProperty : metaClass.getProperties()) {
EntityAttributeContext attributeContext = new EntityAttributeContext(metaClass, metaProperty.getName());
accessManager.applyRegisteredConstraints(attributeContext);
if (attributeContext.canModify()) {
entityAttributePermissions.add(new ShortPermissionInfo(getEntityAttributeTarget(metaClass, metaProperty), MODIFY_ATTRIBUTE_PERMISSION));
} else if (attributeContext.canView()) {
entityAttributePermissions.add(new ShortPermissionInfo(getEntityAttributeTarget(metaClass, metaProperty), VIEW_ATTRIBUTE_PERMISSION));
}
}
}
List<ShortPermissionInfo> grantedSpecificPolicies = specificPolicyInfoRegistry.getSpecificPolicyInfos().stream().map(SpecificPolicyInfoRegistry.SpecificPolicyInfo::getName).filter(specificPolicyName -> {
SpecificOperationAccessContext accessContext = new SpecificOperationAccessContext(specificPolicyName);
accessManager.applyRegisteredConstraints(accessContext);
return accessContext.isPermitted();
}).map(specificPolicyName -> new ShortPermissionInfo(specificPolicyName, 1)).collect(Collectors.toList());
permissionsInfo.setSpecifics(grantedSpecificPolicies);
return permissionsInfo;
}
Aggregations