
Example 1 with RolePermissionService

use of net.geoprism.registry.permission.RolePermissionService in project geoprism-registry by terraframe.

the class Organization method isRegistryMaintainer.

/**
 * Reports whether the caller may act as a registry maintainer for {@code org}.
 *
 * <p>The checks run in this order: a caller for whom {@code isSRA()} holds is
 * accepted; a call made while no session is current is accepted; otherwise the
 * session user must hold the RM role of at least one geo-object type returned
 * by {@code org.getGeoObjectTypes()}.
 *
 * @param org organization whose geo-object types are checked
 * @return {@code true} when one of the conditions above holds, {@code false}
 *         when a session exists and its user holds none of the RM roles
 */
public static boolean isRegistryMaintainer(Organization org) {
    if (new RolePermissionService().isSRA()) {
        return true;
    }
    final SessionIF current = Session.getCurrentSession();
    if (current == null) {
        // Fail-open path: without a session no role is checked and the answer is "yes".
        // NOTE(review): presumably a missing session means trusted server-side
        // execution (job, bootstrap, test) - confirm no request-driven path can
        // reach this method without a session.
        return true;
    }
    // Only the map keys (type codes) are needed to build the role names.
    for (String typeCode : org.getGeoObjectTypes().keySet()) {
        if (current.userHasRole(RegistryRole.Type.getRM_RoleName(org.getCode(), typeCode))) {
            return true;
        }
    }
    return false;
}
Also used : RolePermissionService(net.geoprism.registry.permission.RolePermissionService) Entry(java.util.Map.Entry) ServerGeoObjectType(net.geoprism.registry.model.ServerGeoObjectType) SessionIF(com.runwaysdk.session.SessionIF)

Example 2 with RolePermissionService

use of net.geoprism.registry.permission.RolePermissionService in project geoprism-registry by terraframe.

the class ChangeRequestPermissionService method getPermissions.

/**
 * Computes the set of actions the current caller may perform on a change request.
 *
 * <p>The first matching role tier decides the starting set:
 * <ul>
 * <li>SRA, RA of the request's organization, or RM of its organization and
 * type: every action except DELETE, WRITE_CONTRIBUTOR_NOTES and WRITE_DETAILS;
 * once the request is ACCEPTED, EXECUTE and WRITE_MAINTAINER_NOTES are
 * withdrawn as well.</li>
 * <li>RC or AC of the organization and type: a fixed contributor set; DELETE
 * is kept only for the user who created the request, and the contributor write
 * actions are withdrawn once the request is ACCEPTED, REJECTED, INVALID or
 * PARTIAL.</li>
 * <li>No matching role: the set stays empty at this point.</li>
 * </ul>
 * A request that lacks an organization code or a type code is then adjusted
 * separately (see the last block of the method).
 *
 * @param cr the change request being inspected
 * @return the granted actions, as a mutable set
 */
public Set<ChangeRequestPermissionAction> getPermissions(ChangeRequest cr) {
    final RolePermissionService roleService = ServiceFactory.getRolePermissionService();
    final String orgCode = cr.getOrganizationCode();
    final String gotCode = cr.getGeoObjectTypeCode();
    // The type stays null when the request carries no type code.
    final ServerGeoObjectType type = (gotCode == null) ? null : ServerGeoObjectType.get(gotCode, true);
    final HashSet<ChangeRequestPermissionAction> granted = new HashSet<>();
    final AllGovernanceStatus status = cr.getGovernanceStatus();

    // Short-circuit evaluation keeps the original check order: SRA, then RA, then RM.
    if (roleService.isSRA() || roleService.isRA(orgCode) || roleService.isRM(orgCode, type)) {
        granted.addAll(Arrays.asList(ChangeRequestPermissionAction.values()));
        granted.remove(ChangeRequestPermissionAction.DELETE);
        granted.remove(ChangeRequestPermissionAction.WRITE_CONTRIBUTOR_NOTES);
        granted.remove(ChangeRequestPermissionAction.WRITE_DETAILS);
        if (status.equals(AllGovernanceStatus.ACCEPTED)) {
            // An accepted request can no longer be executed or annotated by maintainers.
            granted.remove(ChangeRequestPermissionAction.EXECUTE);
            granted.remove(ChangeRequestPermissionAction.WRITE_MAINTAINER_NOTES);
        }
    } else if (roleService.isRC(orgCode, type) || roleService.isAC(orgCode, type)) {
        granted.addAll(Arrays.asList(
                ChangeRequestPermissionAction.READ,
                ChangeRequestPermissionAction.WRITE,
                ChangeRequestPermissionAction.READ_APPROVAL_STATUS,
                ChangeRequestPermissionAction.READ_DETAILS,
                ChangeRequestPermissionAction.WRITE_DETAILS,
                ChangeRequestPermissionAction.READ_DOCUMENTS,
                ChangeRequestPermissionAction.WRITE_DOCUMENTS,
                ChangeRequestPermissionAction.READ_MAINTAINER_NOTES,
                ChangeRequestPermissionAction.READ_CONTRIBUTOR_NOTES,
                ChangeRequestPermissionAction.WRITE_CONTRIBUTOR_NOTES,
                ChangeRequestPermissionAction.SUBMIT,
                ChangeRequestPermissionAction.DELETE));

        // DELETE is owner-only: any missing piece of identity counts as "not the creator".
        final SessionIF session = Session.getCurrentSession();
        final boolean createdByCaller = session != null
                && session.getUser() != null
                && cr.getCreatedBy() != null
                && cr.getCreatedBy().getOid().equals(session.getUser().getOid());
        if (!createdByCaller) {
            granted.remove(ChangeRequestPermissionAction.DELETE);
        }

        // Once the request has left the open states, the contributor can no longer edit or delete it.
        if (status.equals(AllGovernanceStatus.ACCEPTED)
                || status.equals(AllGovernanceStatus.REJECTED)
                || status.equals(AllGovernanceStatus.INVALID)
                || status.equals(AllGovernanceStatus.PARTIAL)) {
            granted.remove(ChangeRequestPermissionAction.WRITE_CONTRIBUTOR_NOTES);
            granted.remove(ChangeRequestPermissionAction.WRITE_DETAILS);
            granted.remove(ChangeRequestPermissionAction.DELETE);
        }
    }

    if (orgCode == null || gotCode == null) {
        // A request without an organization or type cannot be executed, approved or edited.
        granted.remove(ChangeRequestPermissionAction.EXECUTE);
        granted.remove(ChangeRequestPermissionAction.WRITE_APPROVAL_STATUS);
        granted.remove(ChangeRequestPermissionAction.WRITE_DETAILS);
        if (gotCode == null) {
            granted.remove(ChangeRequestPermissionAction.READ_DETAILS);
        }
        // NOTE(review): DELETE is re-added here from the argument-less isRA()/isRM()
        // checks, which are not tied to this request's organization or type, and it
        // is added even when no role tier matched above. Confirm that this scope is
        // intended for requests missing a code.
        if (roleService.isSRA() || roleService.isRA() || roleService.isRM()) {
            granted.add(ChangeRequestPermissionAction.DELETE);
        }
    }
    return granted;
}
Also used : RolePermissionService(net.geoprism.registry.permission.RolePermissionService) ServerGeoObjectType(net.geoprism.registry.model.ServerGeoObjectType) HashSet(java.util.HashSet) SessionIF(com.runwaysdk.session.SessionIF)

Example 3 with RolePermissionService

use of net.geoprism.registry.permission.RolePermissionService in project geoprism-registry by terraframe.

the class ListCurationJob method startInTrans.

/**
 * Checks the caller's role for the list's organization and, if the check
 * passes, creates and applies the curation history and its job record.
 *
 * <p>Exactly one {@code enforce*} call is made, selected by the first of
 * {@code isRA()} / {@code isRM()} that holds; a caller with neither role falls
 * through to {@code enforceRM()}.
 *
 * @param version list version to curate
 * @return the applied job history record
 */
@Transaction
private JobHistoryRecord startInTrans(ListTypeVersion version) {
    final ListType listType = version.getListType();
    final ServerGeoObjectType type = listType.getGeoObjectType();
    final Organization org = listType.getOrganization();

    // Authorization comes first, so nothing is written for a rejected caller.
    // NOTE(review): the enforce* methods presumably throw on failure - confirm.
    // NOTE(review): a caller for whom isRA() holds is only ever checked with
    // enforceRA(org); the RM check for this organization and type is not tried
    // as a fallback. Confirm a user cannot be RA elsewhere and RM here.
    final RolePermissionService roleService = ServiceFactory.getRolePermissionService();
    if (roleService.isRA()) {
        roleService.enforceRA(org.getCode());
    } else if (roleService.isRM()) {
        roleService.enforceRM(org.getCode(), type);
    } else {
        roleService.enforceRM();
    }

    final ListCurationHistory curationHistory = (ListCurationHistory) this.createNewHistory();
    curationHistory.appLock();
    curationHistory.setVersion(version);
    curationHistory.apply();

    final JobHistoryRecord jobRecord = new JobHistoryRecord(this, curationHistory);
    jobRecord.apply();
    return jobRecord;
}
Also used : RolePermissionService(net.geoprism.registry.permission.RolePermissionService) Organization(net.geoprism.registry.Organization) ServerGeoObjectType(net.geoprism.registry.model.ServerGeoObjectType) JobHistoryRecord(com.runwaysdk.system.scheduler.JobHistoryRecord) ListType(net.geoprism.registry.ListType) Transaction(com.runwaysdk.dataaccess.transaction.Transaction)

Example 4 with RolePermissionService

use of net.geoprism.registry.permission.RolePermissionService in project geoprism-registry by terraframe.

the class ServerGeoObjectService method createGeoObjectInTrans.

/**
 * Creates a geo-object directly, or records a change request for it, depending
 * on the caller's role in the organization that owns the object's type.
 *
 * <p>SRA, RA of the organization, or RM of the organization and type: the
 * object is applied immediately and the response carries
 * {@code "isChangeRequest": false} plus the serialized object. RC of the
 * organization and type: a PENDING change request with one create action is
 * stored and the response carries {@code "isChangeRequest": true} and the
 * request id. Any other caller is rejected.
 *
 * @param sPtn         parent tree as JSON, may be {@code null}
 * @param sTimeGo      the geo-object-over-time as JSON
 * @param masterListId id of a list version to publish the new object to, may be {@code null}
 * @param notes        contributor notes stored on the change request and its action
 * @return the response object described above
 * @throws CGRPermissionException when the caller holds none of the roles above
 */
@Transaction
public JsonObject createGeoObjectInTrans(String sPtn, String sTimeGo, String masterListId, String notes) {
    // The organization used for authorization is taken from the type named in the submitted JSON.
    final GeoObjectOverTime timeGO = GeoObjectOverTime.fromJSON(ServiceFactory.getAdapter(), sTimeGo);
    final ServerGeoObjectType serverGOT = ServerGeoObjectType.get(timeGO.getType());
    final RolePermissionService perms = ServiceFactory.getRolePermissionService();
    final String orgCode = serverGOT.getOrganization().getCode();

    if (perms.isSRA() || perms.isRA(orgCode) || perms.isRM(orgCode, serverGOT)) {
        final ServerGeoObjectIF created = new ServerGeoObjectService().apply(timeGO, true, false);
        final ServerGeoObjectType createdType = created.getType();
        if (sPtn != null) {
            created.setParents(ServerParentTreeNodeOverTime.fromJSON(createdType, sPtn));
        }
        // Update the master list record.
        // NOTE(review): no permission check on the list identified by masterListId
        // is visible in this method; confirm publishRecord (or the caller) verifies
        // that the list belongs to an organization the user may write to.
        if (masterListId != null) {
            ListTypeVersion.get(masterListId).publishRecord(created);
        }
        final JsonObject direct = new JsonObject();
        direct.addProperty("isChangeRequest", false);
        // Dereferences the current session, so this path requires one to exist.
        direct.add("geoObject", created.toGeoObjectOverTime().toJSON(ServiceFactory.getRegistryService().serializer(Session.getCurrentSession().getOid())));
        return direct;
    }

    if (!ServiceFactory.getRolePermissionService().isRC(orgCode, serverGOT)) {
        throw new CGRPermissionException();
    }

    // Contributor path: nothing is applied to the registry, only a pending request is stored.
    final Instant requestedAt = Instant.now();
    final ChangeRequest request = new ChangeRequest();
    request.addApprovalStatus(AllGovernanceStatus.PENDING);
    request.setContributorNotes(notes);
    request.setGeoObjectCode(timeGO.getCode());
    request.setGeoObjectTypeCode(timeGO.getType().getCode());
    request.setOrganizationCode(orgCode);
    request.apply();

    final CreateGeoObjectAction createAction = new CreateGeoObjectAction();
    createAction.addApprovalStatus(AllGovernanceStatus.PENDING);
    // Single action, so its offset from the request time is zero minutes.
    createAction.setCreateActionDate(Date.from(requestedAt.plus(0, ChronoUnit.MINUTES)));
    // The raw JSON strings are stored as submitted; sPtn has not been parsed on this path.
    // NOTE(review): presumably both are re-parsed and validated when the request is executed - confirm.
    createAction.setGeoObjectJson(sTimeGo);
    createAction.setParentJson(sPtn);
    createAction.setApiVersion(CGRAdapterProperties.getApiVersion());
    createAction.setContributorNotes(notes);
    createAction.apply();
    request.addAction(createAction).apply();

    final JsonObject pending = new JsonObject();
    pending.addProperty("isChangeRequest", true);
    pending.addProperty("changeRequestId", request.getOid());
    return pending;
}
Also used : RolePermissionService(net.geoprism.registry.permission.RolePermissionService) CGRPermissionException(net.geoprism.registry.CGRPermissionException) CreateGeoObjectAction(net.geoprism.registry.action.geoobject.CreateGeoObjectAction) ServerGeoObjectIF(net.geoprism.registry.model.ServerGeoObjectIF) ServerGeoObjectType(net.geoprism.registry.model.ServerGeoObjectType) Instant(java.time.Instant) JsonObject(com.google.gson.JsonObject) GeoObjectOverTime(org.commongeoregistry.adapter.dataaccess.GeoObjectOverTime) ServerParentTreeNodeOverTime(net.geoprism.registry.view.ServerParentTreeNodeOverTime) ChangeRequest(net.geoprism.registry.action.ChangeRequest) Transaction(com.runwaysdk.dataaccess.transaction.Transaction)

Example 5 with RolePermissionService

use of net.geoprism.registry.permission.RolePermissionService in project geoprism-registry by terraframe.

the class HierarchyService method getHierarchyGroupedTypes.

/**
 * Lists the hierarchies, and within each its geo-object types, that the caller
 * may read and administers or maintains.
 *
 * <p>A hierarchy is included when {@code canRead} holds for its organization
 * and the caller is SRA, RA of that organization or RM in it. A type is
 * included under the same rule, evaluated against the type's own organization
 * and the type itself. An abstract type is not listed itself; each of its
 * subtypes is listed with the abstract type attached under {@code "super"}.
 *
 * @param sessionId session identifier; not read in the body
 *                  (NOTE(review): presumably consumed by the {@code @Request} handling - confirm)
 * @return array of objects with {@code code}, {@code label}, {@code orgCode} and {@code types}
 */
@Request(RequestType.SESSION)
public JsonArray getHierarchyGroupedTypes(String sessionId) {
    final HierarchyTypePermissionServiceIF hierarchyPermissions = ServiceFactory.getHierarchyPermissionService();
    final GeoObjectTypePermissionServiceIF typePermissions = ServiceFactory.getGeoObjectTypePermissionService();
    final RolePermissionService rps = ServiceFactory.getRolePermissionService();
    final boolean isSRA = rps.isSRA();

    final JsonArray result = new JsonArray();
    final List<ServerHierarchyType> hierarchies = ServiceFactory.getMetadataCache().getAllHierarchyTypes();
    for (ServerHierarchyType hierarchy : hierarchies) {
        final String htOrgCode = hierarchy.getOrganizationCode();
        final boolean hierarchyAllowed = hierarchyPermissions.canRead(htOrgCode)
                && (isSRA || rps.isRA(htOrgCode) || rps.isRM(htOrgCode));
        if (!hierarchyAllowed) {
            continue;
        }

        final JsonObject hierarchyJson = new JsonObject();
        hierarchyJson.addProperty("code", hierarchy.getCode());
        hierarchyJson.addProperty("label", hierarchy.getDisplayLabel().getValue());
        hierarchyJson.addProperty("orgCode", hierarchy.getOrganizationCode());

        final JsonArray typesJson = new JsonArray();
        final List<ServerGeoObjectType> hierarchyTypes = hierarchy.getAllTypes();
        for (ServerGeoObjectType type : hierarchyTypes) {
            final String gotOrgCode = type.getOrganizationCode();
            final boolean typeAllowed = typePermissions.canRead(gotOrgCode, type, type.getIsPrivate())
                    && (isSRA || rps.isRA(gotOrgCode) || rps.isRM(gotOrgCode, type));
            if (!typeAllowed) {
                continue;
            }

            if (!type.getIsAbstract()) {
                final JsonObject concreteJson = new JsonObject();
                concreteJson.addProperty("code", type.getCode());
                concreteJson.addProperty("label", type.getLabel().getValue());
                concreteJson.addProperty("orgCode", type.getOrganizationCode());
                typesJson.add(concreteJson);
                continue;
            }

            // One shared description of the abstract parent is attached to every subtype entry.
            final JsonObject parentJson = new JsonObject();
            parentJson.addProperty("code", type.getCode());
            parentJson.addProperty("label", type.getLabel().getValue());
            parentJson.addProperty("orgCode", type.getOrganizationCode());
            parentJson.addProperty("isAbstract", true);

            // NOTE(review): subtypes are emitted on the strength of the parent's
            // check alone; no canRead or role test runs per subtype. Confirm a
            // subtype cannot be private or owned by another organization
            // independently of its abstract parent.
            final List<ServerGeoObjectType> children = type.getSubtypes();
            for (ServerGeoObjectType child : children) {
                final JsonObject childJson = new JsonObject();
                childJson.addProperty("code", child.getCode());
                childJson.addProperty("label", child.getLabel().getValue());
                childJson.addProperty("orgCode", child.getOrganization().getCode());
                childJson.add("super", parentJson);
                typesJson.add(childJson);
            }
        }

        hierarchyJson.add("types", typesJson);
        result.add(hierarchyJson);
    }
    return result;
}
Also used : RolePermissionService(net.geoprism.registry.permission.RolePermissionService) JsonArray(com.google.gson.JsonArray) ServerHierarchyType(net.geoprism.registry.model.ServerHierarchyType) HierarchyTypePermissionServiceIF(net.geoprism.registry.permission.HierarchyTypePermissionServiceIF) ServerGeoObjectType(net.geoprism.registry.model.ServerGeoObjectType) JsonObject(com.google.gson.JsonObject) GeoObjectTypePermissionServiceIF(net.geoprism.registry.permission.GeoObjectTypePermissionServiceIF) Request(com.runwaysdk.session.Request)

Aggregations

RolePermissionService (net.geoprism.registry.permission.RolePermissionService)15 ServerGeoObjectType (net.geoprism.registry.model.ServerGeoObjectType)11 JsonObject (com.google.gson.JsonObject)4 Transaction (com.runwaysdk.dataaccess.transaction.Transaction)3 SessionIF (com.runwaysdk.session.SessionIF)3 Organization (net.geoprism.registry.Organization)3 JsonArray (com.google.gson.JsonArray)2 HashSet (java.util.HashSet)2 CGRPermissionException (net.geoprism.registry.CGRPermissionException)2 ListType (net.geoprism.registry.ListType)2 ChangeRequest (net.geoprism.registry.action.ChangeRequest)2 ServerGeoObjectIF (net.geoprism.registry.model.ServerGeoObjectIF)2 VertexServerGeoObject (net.geoprism.registry.model.graph.VertexServerGeoObject)2 GeoObjectPermissionService (net.geoprism.registry.permission.GeoObjectPermissionService)2 GraphQuery (com.runwaysdk.business.graph.GraphQuery)1 VertexObject (com.runwaysdk.business.graph.VertexObject)1 RoleDAOIF (com.runwaysdk.business.rbac.RoleDAOIF)1 SingleActorDAOIF (com.runwaysdk.business.rbac.SingleActorDAOIF)1 MdAttributeDAOIF (com.runwaysdk.dataaccess.MdAttributeDAOIF)1 MdEdgeDAOIF (com.runwaysdk.dataaccess.MdEdgeDAOIF)1