Use of org.candlepin.model.Persisted in project candlepin by candlepin.
Class VerifyAuthorizationFilter, method getAccessedEntities.
/**
 * Resolves the value of a {@code @Verify}-annotated request parameter into the
 * persisted entities that the authorization check must examine.
 *
 * <p>A {@code String} value is looked up as a single id and must exist. A
 * {@code Collection} value is looked up in bulk and whatever the store returns
 * is used as-is. Any other value yields an empty list.
 *
 * @param verify the annotation describing the entity type and nullability
 * @param requestValue the raw parameter value taken from the request
 * @return the entities to run access checks against; may be empty
 * @throws NotFoundException if a single id does not resolve to an entity
 */
@SuppressWarnings("unchecked")
protected List<Persisted> getAccessedEntities(Verify verify, Object requestValue) {
    // An absent value on a parameter declared nullable means there is nothing to check.
    if (verify.nullable() && null == requestValue) {
        return Collections.emptyList();
    }

    Class<? extends Persisted> verifyType = verify.value();

    if (requestValue instanceof String) {
        String id = (String) requestValue;
        Persisted found = storeFactory.getFor(verifyType).lookup(id);

        if (found == null) {
            // The id does not resolve to anything in the store, so the request is
            // rejected here, before any access check is made.
            // NOTE(review): because this runs ahead of the permission check, the
            // response distinguishes existing from non-existing ids regardless of
            // the caller's rights -- confirm that is acceptable for every verified type.
            String typeName = Util.getClassName(verifyType);
            if (typeName.equals("Owner")) {
                typeName = i18nProvider.get().tr("Organization");
            }
            String msg = i18nProvider.get().tr("{0} with id {1} could not be found.", typeName, id);
            // NOTE(review): id is request-supplied text; confirm the log layout
            // neutralizes line breaks so it cannot split or forge log entries.
            log.info("No such entity: {}, id: {}", typeName, id);
            throw new NotFoundException(msg);
        }

        List<Persisted> single = new ArrayList<>();
        single.add(found);
        return single;
    }

    List<Persisted> resolved = new ArrayList<>();
    if (requestValue instanceof Collection) {
        // instanceof already rules out null, so only emptiness needs checking.
        Collection<String> ids = (Collection<String>) requestValue;
        if (!ids.isEmpty()) {
            // Unlike the single-id path, no per-id existence check is made here:
            // the result of the bulk lookup is taken as-is, and it is up to the
            // requester to determine whether something is missing.
            resolved.addAll(storeFactory.getFor(verifyType).lookup(ids));
        }
    }
    // NOTE(review): a value that is neither a String nor a Collection (including a
    // null on a non-nullable parameter) falls through to an empty list, i.e. no
    // entity is handed to the access check for it -- confirm callers rely on that.
    return resolved;
}
Use of org.candlepin.model.Persisted in project candlepin by candlepin.
Class VerifyAuthorizationFilter, method hasAccess.
/**
 * Decides whether the principal may access every entity referenced by the
 * verified request parameters.
 *
 * <p>Each map entry is resolved to entities via {@code getAccessedEntities} and
 * each entity is checked with {@code principal.canAccess}. Checking stops at the
 * first denial. While checking, the owner of each entity is tracked and a
 * request that touches entities of more than one owner is rejected.
 *
 * <p>On a granted request with a known owner, the owner key (and its log level,
 * when set) are placed into the logging MDC.
 *
 * @param argMap verified annotations mapped to the raw parameter values
 * @param principal the caller whose permissions are evaluated
 * @param defaultAccess access level used when the annotation requires {@code Access.NONE}
 * @return {@code true} if access was granted, {@code false} otherwise
 * @throws IseException if the checked entities belong to different owners
 */
protected boolean hasAccess(Map<Verify, Object> argMap, Principal principal, Access defaultAccess) {
    // Deny by default: the flag only becomes true after a successful canAccess call.
    boolean granted = false;
    Owner requestOwner = null;

    for (Map.Entry<Verify, Object> arg : argMap.entrySet()) {
        Object value = arg.getValue();
        Verify verify = arg.getKey();
        Class<? extends Persisted> verifyType = verify.value();
        List<Persisted> targets = new ArrayList<>(getAccessedEntities(verify, value));

        // The annotation's own requirement wins unless it is Access.NONE.
        Access requiredAccess = verify.require() != Access.NONE ? verify.require() : defaultAccess;

        log.debug("Verifying {} access to {}: {}", requiredAccess, verifyType, value);
        SubResource subResource = verify.subResource();

        // NOTE(review): when targets is empty this loop does not run and the flag
        // keeps the value left by the previous entry. An empty first entry therefore
        // denies, while an empty later entry inherits an earlier grant, so the outcome
        // depends on argMap's iteration order -- confirm that is intended.
        for (Persisted target : targets) {
            granted = principal.canAccess(target, subResource, requiredAccess);
            if (!granted) {
                break;
            }

            Owner targetOwner = ((EntityStore) storeFactory.getFor(verifyType)).getOwner(target);
            if (targetOwner == null) {
                continue;
            }
            // A single request must not span entities of different owners.
            if (requestOwner != null && !requestOwner.equals(targetOwner)) {
                log.error("Found entities from multiple orgs in a single request");
                throw new IseException("Found entities from multiple orgs in a single request");
            }
            requestOwner = targetOwner;
        }

        // Any authorization failure ends all further checking.
        if (!granted) {
            break;
        }
    }

    if (!granted || requestOwner == null) {
        return granted;
    }

    // Tag subsequent log output with the owner the request operates on.
    // NOTE(review): nothing in this method clears these MDC keys; presumably that
    // happens elsewhere in the request lifecycle -- verify, so that they do not
    // carry over to an unrelated request handled later on the same thread.
    MDC.put("org", requestOwner.getKey());
    if (requestOwner.getLogLevel() != null) {
        MDC.put("orgLogLevel", requestOwner.getLogLevel());
    }
    return granted;
}