Search in sources :

Example 1 with ResourcePolicy

use of io.jmix.security.model.ResourcePolicy in project jmix by jmix-framework.

the class ExplicitResourcePolicyExtractor method extractResourcePolicies.

@Override
public Collection<ResourcePolicy> extractResourcePolicies(Method method) {
    if (Modifier.isStatic(method.getModifiers())) {
        ExplicitResourcePolicies annotation = method.getAnnotation(ExplicitResourcePolicies.class);
        if (annotation != null) {
            if (isMethodReturnCollectionOfResourcePolicies(method)) {
                try {
                    Set<ResourcePolicy> resourcePolicies = new HashSet<>();
                    Collection<ResourcePolicy> definedPolicies = (Collection<ResourcePolicy>) method.invoke(null);
                    for (ResourcePolicy definedPolicy : definedPolicies) {
                        ResourcePolicy resourcePolicy = ResourcePolicy.builder(definedPolicy.getType(), definedPolicy.getResource()).withAction(definedPolicy.getAction()).withEffect(definedPolicy.getEffect()).withPolicyGroup(definedPolicy.getPolicyGroup()).withCustomProperties(Collections.singletonMap("uniqueKey", UUID.randomUUID().toString())).build();
                        resourcePolicies.add(resourcePolicy);
                    }
                    return resourcePolicies;
                } catch (IllegalAccessException | InvocationTargetException e) {
                    throw new RuntimeException("Cannot evaluate resource policies", e);
                }
            } else {
                String methodName = method.getDeclaringClass().getSimpleName() + "." + method.getName() + "()";
                throw new RuntimeException("Method " + methodName + " with ExplicitResourcePolicies annotation should return a " + "collection of ResourcePolicy");
            }
        }
    }
    return Collections.emptyList();
}
Also used : ExplicitResourcePolicies(io.jmix.security.role.annotation.ExplicitResourcePolicies) ResourcePolicy(io.jmix.security.model.ResourcePolicy)

Example 2 with ResourcePolicy

use of io.jmix.security.model.ResourcePolicy in project jmix by jmix-framework.

the class TestExplicitResourcePoliciesRole method explicitOrderPolicies.

@ExplicitResourcePolicies
static Collection<ResourcePolicy> explicitOrderPolicies() {
    List<ResourcePolicy> resourcePolicies = new ArrayList<>();
    ResourcePolicy policy1 = ResourcePolicy.builder(ResourcePolicyType.SCREEN, "sample_Order.browsr").build();
    resourcePolicies.add(policy1);
    ResourcePolicy policy2 = ResourcePolicy.builder(ResourcePolicyType.ENTITY, "sample_Order").withAction(EntityPolicyAction.READ.getId()).build();
    resourcePolicies.add(policy2);
    return resourcePolicies;
}
Also used : ArrayList(java.util.ArrayList) ResourcePolicy(io.jmix.security.model.ResourcePolicy) ExplicitResourcePolicies(io.jmix.security.role.annotation.ExplicitResourcePolicies)

Example 3 with ResourcePolicy

use of io.jmix.security.model.ResourcePolicy in project jmix by jmix-framework.

the class MenuPolicyExtractor method extractResourcePolicies.

@Override
public Collection<ResourcePolicy> extractResourcePolicies(Method method) {
    Set<ResourcePolicy> resourcePolicies = new HashSet<>();
    Set<MenuPolicy> annotations = AnnotatedElementUtils.findMergedRepeatableAnnotations(method, MenuPolicy.class, MenuPolicyContainer.class);
    for (MenuPolicy annotation : annotations) {
        for (String menuId : annotation.menuIds()) {
            ResourcePolicy resourcePolicy = ResourcePolicy.builder(ResourcePolicyType.MENU, menuId).withPolicyGroup(method.getName()).build();
            resourcePolicies.add(resourcePolicy);
        }
    }
    return resourcePolicies;
}
Also used : MenuPolicy(io.jmix.securityui.role.annotation.MenuPolicy) ResourcePolicy(io.jmix.security.model.ResourcePolicy) HashSet(java.util.HashSet)

Example 4 with ResourcePolicy

use of io.jmix.security.model.ResourcePolicy in project jmix by jmix-framework.

the class ScreenPolicyExtractor method extractResourcePolicies.

@Override
public Collection<ResourcePolicy> extractResourcePolicies(Method method) {
    Set<ResourcePolicy> resourcePolicies = new HashSet<>();
    Set<ScreenPolicy> annotations = AnnotatedElementUtils.findMergedRepeatableAnnotations(method, ScreenPolicy.class, ScreenPolicyContainer.class);
    for (ScreenPolicy screenPolicyAnnotation : annotations) {
        for (String screenId : screenPolicyAnnotation.screenIds()) {
            ResourcePolicy resourcePolicy = ResourcePolicy.builder(ResourcePolicyType.SCREEN, screenId).withPolicyGroup(method.getName()).build();
            resourcePolicies.add(resourcePolicy);
        }
        for (Class screenClass : screenPolicyAnnotation.screenClasses()) {
            UiController uiControllerAnnotation = (UiController) screenClass.getAnnotation(UiController.class);
            String screenId = uiControllerAnnotation.value();
            ResourcePolicy resourcePolicy = ResourcePolicy.builder(ResourcePolicyType.SCREEN, screenId).withPolicyGroup(method.getName()).build();
            resourcePolicies.add(resourcePolicy);
        }
    }
    return resourcePolicies;
}
Also used : ResourcePolicy(io.jmix.security.model.ResourcePolicy) UiController(io.jmix.ui.screen.UiController) ScreenPolicy(io.jmix.securityui.role.annotation.ScreenPolicy) HashSet(java.util.HashSet)

Example 5 with ResourcePolicy

use of io.jmix.security.model.ResourcePolicy in project jmix by jmix-framework.

the class DatabaseResourceRoleProvider method buildRole.

protected ResourceRole buildRole(Object entity) {
    ResourceRoleEntity roleEntity = (ResourceRoleEntity) entity;
    ResourceRole role = new ResourceRole();
    role.setName(roleEntity.getName());
    role.setCode(roleEntity.getCode());
    role.setDescription(roleEntity.getDescription());
    role.setSource(RoleSource.DATABASE);
    role.setChildRoles(roleEntity.getChildRoles());
    role.getCustomProperties().put("databaseId", roleEntity.getId().toString());
    role.setScopes(roleEntity.getScopes() == null ? Collections.emptySet() : roleEntity.getScopes());
    role.setTenantId(roleEntity.getSysTenantId());
    List<ResourcePolicyEntity> resourcePolicyEntities = roleEntity.getResourcePolicies();
    if (resourcePolicyEntities != null) {
        List<ResourcePolicy> resourcePolicies = resourcePolicyEntities.stream().map(e -> {
            Map<String, String> customProperties = new HashMap<>();
            customProperties.put("databaseId", e.getId().toString());
            return ResourcePolicy.builder(e.getType(), e.getResource()).withAction(e.getAction()).withEffect(e.getEffect()).withPolicyGroup(e.getPolicyGroup()).withCustomProperties(customProperties).build();
        }).collect(Collectors.toList());
        role.setResourcePolicies(resourcePolicies);
    }
    return role;
}
Also used : FetchPlan(io.jmix.core.FetchPlan) ResourceRoleProvider(io.jmix.security.role.ResourceRoleProvider) ResourceRoleEntity(io.jmix.securitydata.entity.ResourceRoleEntity) ResourcePolicy(io.jmix.security.model.ResourcePolicy) HashMap(java.util.HashMap) FetchPlanBuilder(io.jmix.core.FetchPlanBuilder) Collectors(java.util.stream.Collectors) ResourceRole(io.jmix.security.model.ResourceRole) Component(org.springframework.stereotype.Component) List(java.util.List) Map(java.util.Map) RoleSource(io.jmix.security.model.RoleSource) ResourcePolicyEntity(io.jmix.securitydata.entity.ResourcePolicyEntity) Collections(java.util.Collections) ResourceRoleEntity(io.jmix.securitydata.entity.ResourceRoleEntity) ResourceRole(io.jmix.security.model.ResourceRole) ResourcePolicy(io.jmix.security.model.ResourcePolicy) ResourcePolicyEntity(io.jmix.securitydata.entity.ResourcePolicyEntity) HashMap(java.util.HashMap) Map(java.util.Map)

Aggregations

ResourcePolicy (io.jmix.security.model.ResourcePolicy)9 HashSet (java.util.HashSet)5 MetaClass (io.jmix.core.metamodel.model.MetaClass)2 ExplicitResourcePolicies (io.jmix.security.role.annotation.ExplicitResourcePolicies)2 FetchPlan (io.jmix.core.FetchPlan)1 FetchPlanBuilder (io.jmix.core.FetchPlanBuilder)1 EntityPolicyAction (io.jmix.security.model.EntityPolicyAction)1 ResourceRole (io.jmix.security.model.ResourceRole)1 RoleSource (io.jmix.security.model.RoleSource)1 ResourceRoleProvider (io.jmix.security.role.ResourceRoleProvider)1 EntityPolicy (io.jmix.security.role.annotation.EntityPolicy)1 GraphQLPolicy (io.jmix.security.role.annotation.GraphQLPolicy)1 SpecificPolicy (io.jmix.security.role.annotation.SpecificPolicy)1 ResourcePolicyEntity (io.jmix.securitydata.entity.ResourcePolicyEntity)1 ResourceRoleEntity (io.jmix.securitydata.entity.ResourceRoleEntity)1 MenuPolicy (io.jmix.securityui.role.annotation.MenuPolicy)1 ScreenPolicy (io.jmix.securityui.role.annotation.ScreenPolicy)1 UiController (io.jmix.ui.screen.UiController)1 ArrayList (java.util.ArrayList)1 Collections (java.util.Collections)1