Example 1 with CriteriaSecurityRuleTranslator
use of io.vertigo.account.impl.authorization.dsl.translator.CriteriaSecurityRuleTranslator in project vertigo by KleeGroup.
the class AuthorizationManagerImpl method isAuthorized.
/**
* {@inheritDoc}
*/
@Override
public <K extends KeyConcept> boolean isAuthorized(final K keyConcept, final OperationName<K> operationName) {
Assertion.checkNotNull(keyConcept);
Assertion.checkNotNull(operationName);
// ---
final Optional<UserAuthorizations> userPermissionsOpt = getUserPermissionsOpt();
if (!userPermissionsOpt.isPresent()) {
// Si il n'y a pas de session alors pas d'autorisation.
return false;
}
final UserAuthorizations userPermissions = userPermissionsOpt.get();
final DtDefinition dtDefinition = DtObjectUtil.findDtDefinition(keyConcept);
final SecuredEntity securedEntity = findSecuredEntity(dtDefinition);
return userPermissions.getEntityAuthorizations(dtDefinition).stream().filter(permission -> permission.getOperation().get().equals(operationName.name()) || permission.getOverrides().contains(operationName.name())).flatMap(permission -> permission.getRules().stream()).anyMatch(rule -> new CriteriaSecurityRuleTranslator<K>().on(securedEntity).withRule(rule).withCriteria(userPermissions.getSecurityKeys()).toCriteria().toPredicate().test(keyConcept));
}
Also used :
RuleMultiExpression(io.vertigo.account.authorization.metamodel.rulemodel.RuleMultiExpression)
CriteriaSecurityRuleTranslator(io.vertigo.account.impl.authorization.dsl.translator.CriteriaSecurityRuleTranslator)
VSecurityManager(io.vertigo.persona.security.VSecurityManager)
UserAuthorizations(io.vertigo.account.authorization.UserAuthorizations)
AuthorizationName(io.vertigo.account.authorization.metamodel.AuthorizationName)
DtDefinition(io.vertigo.dynamo.domain.metamodel.DtDefinition)
DtObjectUtil(io.vertigo.dynamo.domain.util.DtObjectUtil)
Criteria(io.vertigo.dynamo.criteria.Criteria)
AuthorizationManager(io.vertigo.account.authorization.AuthorizationManager)
Collectors(java.util.stream.Collectors)
Inject(javax.inject.Inject)
Home(io.vertigo.app.Home)
List(java.util.List)
DefinitionUtil(io.vertigo.core.definition.DefinitionUtil)
Criterions(io.vertigo.dynamo.criteria.Criterions)
Assertion(io.vertigo.lang.Assertion)
KeyConcept(io.vertigo.dynamo.domain.model.KeyConcept)
Optional(java.util.Optional)
Authorization(io.vertigo.account.authorization.metamodel.Authorization)
OperationName(io.vertigo.account.authorization.metamodel.OperationName)
Collections(java.util.Collections)
SearchSecurityRuleTranslator(io.vertigo.account.impl.authorization.dsl.translator.SearchSecurityRuleTranslator)
UserSession(io.vertigo.persona.security.UserSession)
SecuredEntity(io.vertigo.account.authorization.metamodel.SecuredEntity)
SecuredEntity(io.vertigo.account.authorization.metamodel.SecuredEntity)
DtDefinition(io.vertigo.dynamo.domain.metamodel.DtDefinition)
UserAuthorizations(io.vertigo.account.authorization.UserAuthorizations)
Example 2 with CriteriaSecurityRuleTranslator
use of io.vertigo.account.impl.authorization.dsl.translator.CriteriaSecurityRuleTranslator in project vertigo by KleeGroup.
the class AuthorizationManagerImpl method getCriteriaSecurity.
/**
* {@inheritDoc}
*/
@Override
public <K extends KeyConcept> Criteria<K> getCriteriaSecurity(final Class<K> keyConceptClass, final OperationName<K> operation) {
Assertion.checkNotNull(keyConceptClass);
Assertion.checkNotNull(operation);
// ---
final Optional<UserAuthorizations> userPermissionsOpt = getUserPermissionsOpt();
if (!userPermissionsOpt.isPresent()) {
// Si il n'y a pas de session alors pas d'autorisation.
return Criterions.alwaysFalse();
}
final UserAuthorizations userPermissions = userPermissionsOpt.get();
final DtDefinition dtDefinition = DtObjectUtil.findDtDefinition(keyConceptClass);
final SecuredEntity securedEntity = findSecuredEntity(dtDefinition);
final List<Criteria<K>> criterions = userPermissions.getEntityAuthorizations(dtDefinition).stream().filter(permission -> permission.getOperation().get().equals(operation.name()) || permission.getOverrides().contains(operation.name())).flatMap(permission -> permission.getRules().stream()).map(rule -> new CriteriaSecurityRuleTranslator<K>().on(securedEntity).withRule(rule).withCriteria(userPermissions.getSecurityKeys()).toCriteria()).collect(Collectors.toList());
if (criterions.isEmpty()) {
// Si il n'y a pas de droits alors pas d'autorisation.
return Criterions.alwaysFalse();
}
Criteria<K> securityCriteria = null;
for (final Criteria<K> ruleCriteria : criterions) {
if (securityCriteria == null) {
securityCriteria = ruleCriteria;
} else {
securityCriteria = securityCriteria.or(ruleCriteria);
}
}
return securityCriteria;
}
Also used :
RuleMultiExpression(io.vertigo.account.authorization.metamodel.rulemodel.RuleMultiExpression)
CriteriaSecurityRuleTranslator(io.vertigo.account.impl.authorization.dsl.translator.CriteriaSecurityRuleTranslator)
VSecurityManager(io.vertigo.persona.security.VSecurityManager)
UserAuthorizations(io.vertigo.account.authorization.UserAuthorizations)
AuthorizationName(io.vertigo.account.authorization.metamodel.AuthorizationName)
DtDefinition(io.vertigo.dynamo.domain.metamodel.DtDefinition)
DtObjectUtil(io.vertigo.dynamo.domain.util.DtObjectUtil)
Criteria(io.vertigo.dynamo.criteria.Criteria)
AuthorizationManager(io.vertigo.account.authorization.AuthorizationManager)
Collectors(java.util.stream.Collectors)
Inject(javax.inject.Inject)
Home(io.vertigo.app.Home)
List(java.util.List)
DefinitionUtil(io.vertigo.core.definition.DefinitionUtil)
Criterions(io.vertigo.dynamo.criteria.Criterions)
Assertion(io.vertigo.lang.Assertion)
KeyConcept(io.vertigo.dynamo.domain.model.KeyConcept)
Optional(java.util.Optional)
Authorization(io.vertigo.account.authorization.metamodel.Authorization)
OperationName(io.vertigo.account.authorization.metamodel.OperationName)
Collections(java.util.Collections)
SearchSecurityRuleTranslator(io.vertigo.account.impl.authorization.dsl.translator.SearchSecurityRuleTranslator)
UserSession(io.vertigo.persona.security.UserSession)
SecuredEntity(io.vertigo.account.authorization.metamodel.SecuredEntity)
SecuredEntity(io.vertigo.account.authorization.metamodel.SecuredEntity)
DtDefinition(io.vertigo.dynamo.domain.metamodel.DtDefinition)
CriteriaSecurityRuleTranslator(io.vertigo.account.impl.authorization.dsl.translator.CriteriaSecurityRuleTranslator)
Criteria(io.vertigo.dynamo.criteria.Criteria)
UserAuthorizations(io.vertigo.account.authorization.UserAuthorizations)
Aggregations
AuthorizationManager (io.vertigo.account.authorization.AuthorizationManager)2
UserAuthorizations (io.vertigo.account.authorization.UserAuthorizations)2
Authorization (io.vertigo.account.authorization.metamodel.Authorization)2
AuthorizationName (io.vertigo.account.authorization.metamodel.AuthorizationName)2
OperationName (io.vertigo.account.authorization.metamodel.OperationName)2
SecuredEntity (io.vertigo.account.authorization.metamodel.SecuredEntity)2
RuleMultiExpression (io.vertigo.account.authorization.metamodel.rulemodel.RuleMultiExpression)2
CriteriaSecurityRuleTranslator (io.vertigo.account.impl.authorization.dsl.translator.CriteriaSecurityRuleTranslator)2
SearchSecurityRuleTranslator (io.vertigo.account.impl.authorization.dsl.translator.SearchSecurityRuleTranslator)2
Home (io.vertigo.app.Home)2
DefinitionUtil (io.vertigo.core.definition.DefinitionUtil)2
Criteria (io.vertigo.dynamo.criteria.Criteria)2
Criterions (io.vertigo.dynamo.criteria.Criterions)2
DtDefinition (io.vertigo.dynamo.domain.metamodel.DtDefinition)2
KeyConcept (io.vertigo.dynamo.domain.model.KeyConcept)2
DtObjectUtil (io.vertigo.dynamo.domain.util.DtObjectUtil)2
Assertion (io.vertigo.lang.Assertion)2
UserSession (io.vertigo.persona.security.UserSession)2
VSecurityManager (io.vertigo.persona.security.VSecurityManager)2
Collections (java.util.Collections)2
