Examples with PermissionBlueprint org.candlepin.model.PermissionBlueprint used on opensource projects

Example 6 with PermissionBlueprint

use of org.candlepin.model.PermissionBlueprint in project candlepin by candlepin.

the class RoleResource method removeRolePermission.

@ApiOperation(notes = "Removes a Permission from a Role. Returns the updated Role.", value = "removeRolePermission")
@ApiResponses({ @ApiResponse(code = 404, message = "") })
@DELETE
@Path("{role_id}/permissions/{perm_id}")
@Produces(MediaType.APPLICATION_JSON)
public Role removeRolePermission(@PathParam("role_id") String roleId, @PathParam("perm_id") String permissionId) {
    Role existingRole = lookupRole(roleId);
    Set<PermissionBlueprint> picks = new HashSet<>();
    boolean found = false;
    PermissionBlueprint toRemove = null;
    for (PermissionBlueprint op : existingRole.getPermissions()) {
        if (!op.getId().equals(permissionId)) {
            picks.add(op);
        } else {
            found = true;
            toRemove = op;
        }
    }
    if (!found) {
        throw new NotFoundException(i18n.tr("No such permission: {0} in role: {1}", permissionId, roleId));
    }
    existingRole.setPermissions(picks);
    Role r = this.userService.updateRole(existingRole);
    toRemove.setOwner(null);
    permissionCurator.delete(toRemove);
    return r;
}

Example 7 with PermissionBlueprint

use of org.candlepin.model.PermissionBlueprint in project candlepin by candlepin.

the class OwnerManager method cleanupAndDelete.

@Transactional
public void cleanupAndDelete(Owner owner, boolean revokeCerts) {
    log.info("Cleaning up owner: {}", owner);
    Collection<String> consumerIds = this.ownerCurator.getConsumerIds(owner).list();
    Collection<Consumer> consumers = this.consumerCurator.lockAndLoadByIds(consumerIds);
    consumers.addAll(consumerCurator.listByRecipientOwner(owner).list());
    for (Consumer consumer : consumers) {
        log.info("Removing all entitlements for consumer: {}", consumer);
        // We're about to delete these consumers; no need to regen/dirty their dependent
        // entitlements or recalculate status.
        poolManager.revokeAllEntitlements(consumer, false);
    }
    // FIXME Perhaps this can be handled a little better.
    for (Consumer consumer : consumers) {
        // need to check if this has been removed due to a
        // parent being deleted
        // TODO: There has to be a more efficient way to do this...
        log.info("Deleting consumer: {}", consumer);
        Consumer next = consumerCurator.find(consumer.getId());
        if (next != null) {
            consumerCurator.delete(next);
        }
    }
    for (ActivationKey key : activationKeyCurator.listByOwner(owner)) {
        log.info("Deleting activation key: {}", key);
        activationKeyCurator.delete(key);
    }
    log.debug("Deleting environments for owner: {}", owner);
    envCurator.deleteEnvironmentsForOwner(owner);
    // Delete the ueber certificate for this owner, if one exists.
    log.debug("Deleting uber certificate for owner: {}", owner);
    this.uberCertificateCurator.deleteForOwner(owner);
    for (Pool p : poolManager.listPoolsByOwner(owner)) {
        log.info("Deleting pool: {}", p);
        poolManager.deletePool(p);
    }
    ExporterMetadata m = exportCurator.lookupByTypeAndOwner(ExporterMetadata.TYPE_PER_USER, owner);
    if (m != null) {
        log.info("Deleting export metadata: {}", m);
        exportCurator.delete(m);
    }
    for (ImportRecord record : importRecordCurator.findRecords(owner)) {
        log.info("Deleting import record:  {}", record);
        importRecordCurator.delete(record);
    }
    for (PermissionBlueprint perm : permissionCurator.findByOwner(owner)) {
        log.info("Deleting permission: {}", perm.getAccess());
        perm.getRole().getPermissions().remove(perm);
        permissionCurator.delete(perm);
    }
    log.info("Deleting all products...");
    this.productManager.removeAllProducts(owner);
    log.info("Deleting all content...");
    this.contentManager.removeAllContent(owner, false);
    log.info("Deleting owner: {}", owner);
    ownerCurator.delete(owner);
    ownerCurator.flush();
}

Example 8 with PermissionBlueprint

use of org.candlepin.model.PermissionBlueprint in project candlepin by candlepin.

the class OwnerResourceTest method cleanupWithOutstandingPermissions.

@Test
public void cleanupWithOutstandingPermissions() {
    PermissionBlueprint p = new PermissionBlueprint(PermissionType.OWNER, owner, Access.ALL);
    Role r = new Role("rolename");
    r.addPermission(p);
    roleCurator.create(r);
    ownerResource.deleteOwner(owner.getKey(), false, false);
}

Example 9 with PermissionBlueprint

use of org.candlepin.model.PermissionBlueprint in project candlepin by candlepin.

the class UserResourceTest method testListAllOwners.

@Test
public void testListAllOwners() {
    User user = new User();
    user.setUsername("dummyuser" + TestUtil.randomInt());
    user.setPassword("password");
    userResource.createUser(user);
    Owner owner1 = createOwner();
    Owner owner2 = createOwner();
    Role owner1Role = new Role(owner1.getKey() + " role");
    Role owner2Role = new Role(owner2.getKey() + " role");
    owner1Role.addPermission(new PermissionBlueprint(PermissionType.OWNER, owner1, Access.ALL));
    owner1Role.addPermission(new PermissionBlueprint(PermissionType.OWNER, owner2, Access.READ_ONLY));
    owner1Role.addUser(user);
    owner2Role.addUser(user);
    roleCurator.create(owner1Role);
    roleCurator.create(owner2Role);
    Set<Permission> perms = new HashSet<>();
    perms.add(new OwnerPermission(owner1, Access.ALL));
    perms.add(new OwnerPermission(owner2, Access.READ_ONLY));
    Principal userPrincipal = new UserPrincipal(user.getUsername(), perms, false);
    // Requesting the list of owners for this user should assume ALL, and not
    // return owner2:
    Iterable<Owner> response = userResource.listUsersOwners(user.getUsername(), userPrincipal);
    List<Owner> owners = new LinkedList<>();
    for (Object entity : response) {
        owners.add((Owner) entity);
    }
    assertEquals(1, owners.size());
    assertEquals(owner1.getKey(), owners.get(0).getKey());
}

Example 10 with PermissionBlueprint

use of org.candlepin.model.PermissionBlueprint in project candlepin by candlepin.

the class DatabaseTestFixture method createAdminRole.

public Role createAdminRole(Owner owner) {
    PermissionBlueprint p = new PermissionBlueprint(PermissionType.OWNER, owner, Access.ALL);
    Role role = new Role("testrole" + TestUtil.randomInt());
    role.addPermission(p);
    return role;
}