Example 1 with UserAuthorizations

Use of io.vertigo.account.authorization.UserAuthorizations in project vertigo by KleeGroup.

Class AuthorizationManagerImpl, method isAuthorized.

/**
 * {@inheritDoc}
 */
@Override
public <K extends KeyConcept> boolean isAuthorized(final K keyConcept, final OperationName<K> operationName) {
    Assertion.checkNotNull(keyConcept);
    Assertion.checkNotNull(operationName);
    // ---
    final Optional<UserAuthorizations> userPermissionsOpt = getUserPermissionsOpt();
    if (!userPermissionsOpt.isPresent()) {
        // If there is no session, then no authorization.
        return false;
    }
    final UserAuthorizations userPermissions = userPermissionsOpt.get();
    final DtDefinition dtDefinition = DtObjectUtil.findDtDefinition(keyConcept);
    final SecuredEntity securedEntity = findSecuredEntity(dtDefinition);
    // Authorized if any rule of a permission matching the operation (directly or via an override) accepts this entity.
    return userPermissions.getEntityAuthorizations(dtDefinition).stream()
            .filter(permission -> permission.getOperation().get().equals(operationName.name())
                    || permission.getOverrides().contains(operationName.name()))
            .flatMap(permission -> permission.getRules().stream())
            .anyMatch(rule -> new CriteriaSecurityRuleTranslator<K>()
                    .on(securedEntity)
                    .withRule(rule)
                    .withCriteria(userPermissions.getSecurityKeys())
                    .toCriteria()
                    .toPredicate()
                    .test(keyConcept));
}
Also used : RuleMultiExpression(io.vertigo.account.authorization.metamodel.rulemodel.RuleMultiExpression) CriteriaSecurityRuleTranslator(io.vertigo.account.impl.authorization.dsl.translator.CriteriaSecurityRuleTranslator) VSecurityManager(io.vertigo.persona.security.VSecurityManager) UserAuthorizations(io.vertigo.account.authorization.UserAuthorizations) AuthorizationName(io.vertigo.account.authorization.metamodel.AuthorizationName) DtDefinition(io.vertigo.dynamo.domain.metamodel.DtDefinition) DtObjectUtil(io.vertigo.dynamo.domain.util.DtObjectUtil) Criteria(io.vertigo.dynamo.criteria.Criteria) AuthorizationManager(io.vertigo.account.authorization.AuthorizationManager) Collectors(java.util.stream.Collectors) Inject(javax.inject.Inject) Home(io.vertigo.app.Home) List(java.util.List) DefinitionUtil(io.vertigo.core.definition.DefinitionUtil) Criterions(io.vertigo.dynamo.criteria.Criterions) Assertion(io.vertigo.lang.Assertion) KeyConcept(io.vertigo.dynamo.domain.model.KeyConcept) Optional(java.util.Optional) Authorization(io.vertigo.account.authorization.metamodel.Authorization) OperationName(io.vertigo.account.authorization.metamodel.OperationName) Collections(java.util.Collections) SearchSecurityRuleTranslator(io.vertigo.account.impl.authorization.dsl.translator.SearchSecurityRuleTranslator) UserSession(io.vertigo.persona.security.UserSession) SecuredEntity(io.vertigo.account.authorization.metamodel.SecuredEntity) SecuredEntity(io.vertigo.account.authorization.metamodel.SecuredEntity) DtDefinition(io.vertigo.dynamo.domain.metamodel.DtDefinition) UserAuthorizations(io.vertigo.account.authorization.UserAuthorizations)

Example 2 with UserAuthorizations

Use of io.vertigo.account.authorization.UserAuthorizations in project vertigo by KleeGroup.

Class AuthorizationManagerImpl, method getUserPermissionsOpt.

private Optional<UserAuthorizations> getUserPermissionsOpt() {
    final Optional<UserSession> userSessionOpt = securityManager.getCurrentUserSession();
    if (!userSessionOpt.isPresent()) {
        // If there is no session, then no authorization.
        return Optional.empty();
    }
    UserAuthorizations userAuthorizations = userSessionOpt.get().getAttribute(USER_SESSION_ACL_KEY);
    if (userAuthorizations == null) {
        userAuthorizations = new UserAuthorizations();
        userSessionOpt.get().putAttribute(USER_SESSION_ACL_KEY, userAuthorizations);
    }
    return Optional.of(userAuthorizations);
}
Also used : UserSession(io.vertigo.persona.security.UserSession) UserAuthorizations(io.vertigo.account.authorization.UserAuthorizations)

Example 3 with UserAuthorizations

Use of io.vertigo.account.authorization.UserAuthorizations in project vertigo by KleeGroup.

Class AuthorizationManagerImpl, method getAuthorizedOperations.

/**
 * {@inheritDoc}
 */
@Override
public <K extends KeyConcept> List<String> getAuthorizedOperations(final K keyConcept) {
    Assertion.checkNotNull(keyConcept);
    // ---
    final Optional<UserAuthorizations> userPermissionsOpt = getUserPermissionsOpt();
    if (!userPermissionsOpt.isPresent()) {
        // If there is no session, then no authorization.
        return Collections.emptyList();
    }
    final DtDefinition dtDefinition = DtObjectUtil.findDtDefinition(keyConcept);
    return userPermissionsOpt.get().getEntityAuthorizations(dtDefinition).stream()
            .map(permission -> permission.getOperation().get())
            .collect(Collectors.toList());
}
Also used : RuleMultiExpression(io.vertigo.account.authorization.metamodel.rulemodel.RuleMultiExpression) CriteriaSecurityRuleTranslator(io.vertigo.account.impl.authorization.dsl.translator.CriteriaSecurityRuleTranslator) VSecurityManager(io.vertigo.persona.security.VSecurityManager) UserAuthorizations(io.vertigo.account.authorization.UserAuthorizations) AuthorizationName(io.vertigo.account.authorization.metamodel.AuthorizationName) DtDefinition(io.vertigo.dynamo.domain.metamodel.DtDefinition) DtObjectUtil(io.vertigo.dynamo.domain.util.DtObjectUtil) Criteria(io.vertigo.dynamo.criteria.Criteria) AuthorizationManager(io.vertigo.account.authorization.AuthorizationManager) Collectors(java.util.stream.Collectors) Inject(javax.inject.Inject) Home(io.vertigo.app.Home) List(java.util.List) DefinitionUtil(io.vertigo.core.definition.DefinitionUtil) Criterions(io.vertigo.dynamo.criteria.Criterions) Assertion(io.vertigo.lang.Assertion) KeyConcept(io.vertigo.dynamo.domain.model.KeyConcept) Optional(java.util.Optional) Authorization(io.vertigo.account.authorization.metamodel.Authorization) OperationName(io.vertigo.account.authorization.metamodel.OperationName) Collections(java.util.Collections) SearchSecurityRuleTranslator(io.vertigo.account.impl.authorization.dsl.translator.SearchSecurityRuleTranslator) UserSession(io.vertigo.persona.security.UserSession) SecuredEntity(io.vertigo.account.authorization.metamodel.SecuredEntity) DtDefinition(io.vertigo.dynamo.domain.metamodel.DtDefinition) UserAuthorizations(io.vertigo.account.authorization.UserAuthorizations)

Example 4 with UserAuthorizations

Use of io.vertigo.account.authorization.UserAuthorizations in project vertigo by KleeGroup.

Class AuthorizationManagerImpl, method getCriteriaSecurity.

/**
 * {@inheritDoc}
 */
@Override
public <K extends KeyConcept> Criteria<K> getCriteriaSecurity(final Class<K> keyConceptClass, final OperationName<K> operation) {
    Assertion.checkNotNull(keyConceptClass);
    Assertion.checkNotNull(operation);
    // ---
    final Optional<UserAuthorizations> userPermissionsOpt = getUserPermissionsOpt();
    if (!userPermissionsOpt.isPresent()) {
        // If there is no session, then no authorization.
        return Criterions.alwaysFalse();
    }
    final UserAuthorizations userPermissions = userPermissionsOpt.get();
    final DtDefinition dtDefinition = DtObjectUtil.findDtDefinition(keyConceptClass);
    final SecuredEntity securedEntity = findSecuredEntity(dtDefinition);
    // One criteria per rule of every permission matching the operation (directly or via an override).
    final List<Criteria<K>> criterions = userPermissions.getEntityAuthorizations(dtDefinition).stream()
            .filter(permission -> permission.getOperation().get().equals(operation.name())
                    || permission.getOverrides().contains(operation.name()))
            .flatMap(permission -> permission.getRules().stream())
            .map(rule -> new CriteriaSecurityRuleTranslator<K>()
                    .on(securedEntity)
                    .withRule(rule)
                    .withCriteria(userPermissions.getSecurityKeys())
                    .toCriteria())
            .collect(Collectors.toList());
    if (criterions.isEmpty()) {
        // If there are no rights, then no authorization.
        return Criterions.alwaysFalse();
    }
    Criteria<K> securityCriteria = null;
    for (final Criteria<K> ruleCriteria : criterions) {
        if (securityCriteria == null) {
            securityCriteria = ruleCriteria;
        } else {
            securityCriteria = securityCriteria.or(ruleCriteria);
        }
    }
    return securityCriteria;
}
Also used : RuleMultiExpression(io.vertigo.account.authorization.metamodel.rulemodel.RuleMultiExpression) CriteriaSecurityRuleTranslator(io.vertigo.account.impl.authorization.dsl.translator.CriteriaSecurityRuleTranslator) VSecurityManager(io.vertigo.persona.security.VSecurityManager) UserAuthorizations(io.vertigo.account.authorization.UserAuthorizations) AuthorizationName(io.vertigo.account.authorization.metamodel.AuthorizationName) DtDefinition(io.vertigo.dynamo.domain.metamodel.DtDefinition) DtObjectUtil(io.vertigo.dynamo.domain.util.DtObjectUtil) Criteria(io.vertigo.dynamo.criteria.Criteria) AuthorizationManager(io.vertigo.account.authorization.AuthorizationManager) Collectors(java.util.stream.Collectors) Inject(javax.inject.Inject) Home(io.vertigo.app.Home) List(java.util.List) DefinitionUtil(io.vertigo.core.definition.DefinitionUtil) Criterions(io.vertigo.dynamo.criteria.Criterions) Assertion(io.vertigo.lang.Assertion) KeyConcept(io.vertigo.dynamo.domain.model.KeyConcept) Optional(java.util.Optional) Authorization(io.vertigo.account.authorization.metamodel.Authorization) OperationName(io.vertigo.account.authorization.metamodel.OperationName) Collections(java.util.Collections) SearchSecurityRuleTranslator(io.vertigo.account.impl.authorization.dsl.translator.SearchSecurityRuleTranslator) UserSession(io.vertigo.persona.security.UserSession) SecuredEntity(io.vertigo.account.authorization.metamodel.SecuredEntity) SecuredEntity(io.vertigo.account.authorization.metamodel.SecuredEntity) DtDefinition(io.vertigo.dynamo.domain.metamodel.DtDefinition) CriteriaSecurityRuleTranslator(io.vertigo.account.impl.authorization.dsl.translator.CriteriaSecurityRuleTranslator) Criteria(io.vertigo.dynamo.criteria.Criteria) UserAuthorizations(io.vertigo.account.authorization.UserAuthorizations)

Example 5 with UserAuthorizations

Use of io.vertigo.account.authorization.UserAuthorizations in project vertigo by KleeGroup.

Class AuthorizationManagerImpl, method getSearchSecurity.

/**
 * {@inheritDoc}
 */
@Override
public <K extends KeyConcept> String getSearchSecurity(final Class<K> keyConceptClass, final OperationName<K> operationName) {
    Assertion.checkNotNull(keyConceptClass);
    Assertion.checkNotNull(operationName);
    // ---
    final Optional<UserAuthorizations> userPermissionsOpt = getUserPermissionsOpt();
    if (!userPermissionsOpt.isPresent()) {
        // Caution: never return *:* (the match-all query); with no session the search filter is empty.
        return "";
    }
    final UserAuthorizations userPermissions = userPermissionsOpt.get();
    final SearchSecurityRuleTranslator securityRuleTranslator = new SearchSecurityRuleTranslator();
    securityRuleTranslator.withCriteria(userPermissions.getSecurityKeys());
    final DtDefinition dtDefinition = DtObjectUtil.findDtDefinition(keyConceptClass);
    final List<Authorization> permissions = userPermissions.getEntityAuthorizations(dtDefinition).stream()
            .filter(permission -> permission.getOperation().get().equals(operationName.name()))
            .collect(Collectors.toList());
    for (final Authorization permission : permissions) {
        for (final RuleMultiExpression ruleExpression : permission.getRules()) {
            securityRuleTranslator.withRule(ruleExpression);
        }
    }
    return securityRuleTranslator.toSearchQuery();
}
Also used : Authorization(io.vertigo.account.authorization.metamodel.Authorization) RuleMultiExpression(io.vertigo.account.authorization.metamodel.rulemodel.RuleMultiExpression) CriteriaSecurityRuleTranslator(io.vertigo.account.impl.authorization.dsl.translator.CriteriaSecurityRuleTranslator) VSecurityManager(io.vertigo.persona.security.VSecurityManager) UserAuthorizations(io.vertigo.account.authorization.UserAuthorizations) AuthorizationName(io.vertigo.account.authorization.metamodel.AuthorizationName) DtDefinition(io.vertigo.dynamo.domain.metamodel.DtDefinition) DtObjectUtil(io.vertigo.dynamo.domain.util.DtObjectUtil) Criteria(io.vertigo.dynamo.criteria.Criteria) AuthorizationManager(io.vertigo.account.authorization.AuthorizationManager) Collectors(java.util.stream.Collectors) Inject(javax.inject.Inject) Home(io.vertigo.app.Home) List(java.util.List) DefinitionUtil(io.vertigo.core.definition.DefinitionUtil) Criterions(io.vertigo.dynamo.criteria.Criterions) Assertion(io.vertigo.lang.Assertion) KeyConcept(io.vertigo.dynamo.domain.model.KeyConcept) Optional(java.util.Optional) Authorization(io.vertigo.account.authorization.metamodel.Authorization) OperationName(io.vertigo.account.authorization.metamodel.OperationName) Collections(java.util.Collections) SearchSecurityRuleTranslator(io.vertigo.account.impl.authorization.dsl.translator.SearchSecurityRuleTranslator) UserSession(io.vertigo.persona.security.UserSession) SecuredEntity(io.vertigo.account.authorization.metamodel.SecuredEntity) SearchSecurityRuleTranslator(io.vertigo.account.impl.authorization.dsl.translator.SearchSecurityRuleTranslator) RuleMultiExpression(io.vertigo.account.authorization.metamodel.rulemodel.RuleMultiExpression) DtDefinition(io.vertigo.dynamo.domain.metamodel.DtDefinition) UserAuthorizations(io.vertigo.account.authorization.UserAuthorizations)
