Example 1 with ShortPermissionInfo
use of io.jmix.rest.impl.service.filter.data.ShortPermissionInfo in project jmix by jmix-framework.
the class PermissionsControllerManager method getPermissions.
public PermissionsInfo getPermissions() {
PermissionsInfo permissionsInfo = new PermissionsInfo();
List<String> authorities = currentUserSubstitution.getEffectiveUser().getAuthorities().stream().map(GrantedAuthority::getAuthority).filter(Objects::nonNull).collect(Collectors.toList());
permissionsInfo.setAuthorities(authorities);
List<ShortPermissionInfo> entityPermissions = new ArrayList<>();
List<ShortPermissionInfo> entityAttributePermissions = new ArrayList<>();
permissionsInfo.setEntities(entityPermissions);
permissionsInfo.setEntityAttributes(entityAttributePermissions);
for (MetaClass metaClass : metadata.getSession().getClasses()) {
CrudEntityContext entityContext = new CrudEntityContext(metaClass);
accessManager.applyRegisteredConstraints(entityContext);
if (entityContext.isCreatePermitted()) {
entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "create"), ALLOWED_CRUD_PERMISSION));
}
if (entityContext.isReadPermitted()) {
entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "read"), ALLOWED_CRUD_PERMISSION));
}
if (entityContext.isUpdatePermitted()) {
entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "update"), ALLOWED_CRUD_PERMISSION));
}
if (entityContext.isDeletePermitted()) {
entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "delete"), ALLOWED_CRUD_PERMISSION));
}
for (MetaProperty metaProperty : metaClass.getProperties()) {
EntityAttributeContext attributeContext = new EntityAttributeContext(metaClass, metaProperty.getName());
accessManager.applyRegisteredConstraints(attributeContext);
if (attributeContext.canModify()) {
entityAttributePermissions.add(new ShortPermissionInfo(getEntityAttributeTarget(metaClass, metaProperty), MODIFY_ATTRIBUTE_PERMISSION));
} else if (attributeContext.canView()) {
entityAttributePermissions.add(new ShortPermissionInfo(getEntityAttributeTarget(metaClass, metaProperty), VIEW_ATTRIBUTE_PERMISSION));
}
}
}
List<ShortPermissionInfo> grantedSpecificPolicies = specificPolicyInfoRegistry.getSpecificPolicyInfos().stream().map(SpecificPolicyInfoRegistry.SpecificPolicyInfo::getName).filter(specificPolicyName -> {
SpecificOperationAccessContext accessContext = new SpecificOperationAccessContext(specificPolicyName);
accessManager.applyRegisteredConstraints(accessContext);
return accessContext.isPermitted();
}).map(specificPolicyName -> new ShortPermissionInfo(specificPolicyName, 1)).collect(Collectors.toList());
permissionsInfo.setSpecifics(grantedSpecificPolicies);
return permissionsInfo;
}
Also used :
PermissionsInfo(io.jmix.rest.impl.service.filter.data.PermissionsInfo)
PermissionsController(io.jmix.rest.impl.controller.PermissionsController)
MetaClass(io.jmix.core.metamodel.model.MetaClass)
PermissionsInfo(io.jmix.rest.impl.service.filter.data.PermissionsInfo)
EntityAttributeContext(io.jmix.core.accesscontext.EntityAttributeContext)
AccessManager(io.jmix.core.AccessManager)
SpecificOperationAccessContext(io.jmix.core.accesscontext.SpecificOperationAccessContext)
Autowired(org.springframework.beans.factory.annotation.Autowired)
Metadata(io.jmix.core.Metadata)
CrudEntityContext(io.jmix.core.accesscontext.CrudEntityContext)
Collectors(java.util.stream.Collectors)
GrantedAuthority(org.springframework.security.core.GrantedAuthority)
ArrayList(java.util.ArrayList)
Objects(java.util.Objects)
Component(org.springframework.stereotype.Component)
List(java.util.List)
MetaProperty(io.jmix.core.metamodel.model.MetaProperty)
CurrentUserSubstitution(io.jmix.core.usersubstitution.CurrentUserSubstitution)
SpecificPolicyInfoRegistry(io.jmix.core.security.SpecificPolicyInfoRegistry)
ShortPermissionInfo(io.jmix.rest.impl.service.filter.data.ShortPermissionInfo)
SpecificOperationAccessContext(io.jmix.core.accesscontext.SpecificOperationAccessContext)
EntityAttributeContext(io.jmix.core.accesscontext.EntityAttributeContext)
GrantedAuthority(org.springframework.security.core.GrantedAuthority)
ArrayList(java.util.ArrayList)
ShortPermissionInfo(io.jmix.rest.impl.service.filter.data.ShortPermissionInfo)
SpecificPolicyInfoRegistry(io.jmix.core.security.SpecificPolicyInfoRegistry)
MetaClass(io.jmix.core.metamodel.model.MetaClass)
CrudEntityContext(io.jmix.core.accesscontext.CrudEntityContext)
MetaProperty(io.jmix.core.metamodel.model.MetaProperty)
Aggregations
AccessManager (io.jmix.core.AccessManager)1
Metadata (io.jmix.core.Metadata)1
CrudEntityContext (io.jmix.core.accesscontext.CrudEntityContext)1
EntityAttributeContext (io.jmix.core.accesscontext.EntityAttributeContext)1
SpecificOperationAccessContext (io.jmix.core.accesscontext.SpecificOperationAccessContext)1
MetaClass (io.jmix.core.metamodel.model.MetaClass)1
MetaProperty (io.jmix.core.metamodel.model.MetaProperty)1
SpecificPolicyInfoRegistry (io.jmix.core.security.SpecificPolicyInfoRegistry)1
CurrentUserSubstitution (io.jmix.core.usersubstitution.CurrentUserSubstitution)1
PermissionsController (io.jmix.rest.impl.controller.PermissionsController)1
PermissionsInfo (io.jmix.rest.impl.service.filter.data.PermissionsInfo)1
ShortPermissionInfo (io.jmix.rest.impl.service.filter.data.ShortPermissionInfo)1
ArrayList (java.util.ArrayList)1
List (java.util.List)1
Objects (java.util.Objects)1
Collectors (java.util.stream.Collectors)1
Autowired (org.springframework.beans.factory.annotation.Autowired)1
GrantedAuthority (org.springframework.security.core.GrantedAuthority)1
Component (org.springframework.stereotype.Component)1
