Search in sources :

Example 1 with KapuaPredicate

use of org.eclipse.kapua.model.query.predicate.KapuaPredicate in project kapua by eclipse.

the class KapuaAuthorizingRealm method doGetAuthorizationInfo.

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) throws AuthenticationException {
    // 
    // Extract principal
    String username = (String) principals.getPrimaryPrincipal();
    logger.debug("Getting authorization info for: {}", username);
    // 
    // Get Services
    KapuaLocator locator = KapuaLocator.getInstance();
    UserService userService = locator.getService(UserService.class);
    UserPermissionService userPermissionService = locator.getService(UserPermissionService.class);
    UserPermissionFactory userPermissionFactory = locator.getFactory(UserPermissionFactory.class);
    PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class);
    // 
    // Get the associated user by name
    final User user;
    try {
        user = KapuaSecurityUtils.doPriviledge(new Callable<User>() {

            @Override
            public User call() throws Exception {
                return userService.findByName(username);
            }
        });
    } catch (Exception e) {
        // to preserve the original exception message (if possible)
        if (e instanceof AuthenticationException) {
            throw (AuthenticationException) e;
        } else {
            throw new ShiroException("Error while find user!", e);
        }
    }
    // Check existence
    if (user == null) {
        throw new UnknownAccountException();
    }
    // 
    // Get user permissions set
    UserPermissionQuery query = userPermissionFactory.newQuery(user.getScopeId());
    KapuaPredicate predicate = new AttributePredicate<KapuaId>(UserPermissionPredicates.USER_ID, user.getId());
    query.setPredicate(predicate);
    final KapuaListResult<UserPermission> userPermissions;
    try {
        userPermissions = KapuaSecurityUtils.doPriviledge(new Callable<KapuaListResult<UserPermission>>() {

            @Override
            public KapuaListResult<UserPermission> call() throws Exception {
                return userPermissionService.query(query);
            }
        });
    } catch (Exception e) {
        // to preserve the original exception message (if possible)
        if (e instanceof AuthenticationException) {
            throw (AuthenticationException) e;
        } else {
            throw new ShiroException("Error while find permissions!", e);
        }
    }
    // 
    // Create SimpleAuthorizationInfo with principals permissions
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    for (UserPermission userPermission : userPermissions.getItems()) {
        Permission p = permissionFactory.newPermission(userPermission.getPermission().getDomain(), userPermission.getPermission().getAction(), userPermission.getPermission().getTargetScopeId());
        logger.trace("Username: {} has permission: {}", username, p);
        info.addStringPermission(p.toString());
    }
    return info;
}
Also used : KapuaLocator(org.eclipse.kapua.locator.KapuaLocator) User(org.eclipse.kapua.service.user.User) SimpleAuthorizationInfo(org.apache.shiro.authz.SimpleAuthorizationInfo) UserService(org.eclipse.kapua.service.user.UserService) AuthenticationException(org.apache.shiro.authc.AuthenticationException) PermissionFactory(org.eclipse.kapua.service.authorization.permission.PermissionFactory) UserPermissionFactory(org.eclipse.kapua.service.authorization.user.permission.UserPermissionFactory) UnknownAccountException(org.apache.shiro.authc.UnknownAccountException) Callable(java.util.concurrent.Callable) ShiroException(org.apache.shiro.ShiroException) AuthenticationException(org.apache.shiro.authc.AuthenticationException) UnknownAccountException(org.apache.shiro.authc.UnknownAccountException) KapuaException(org.eclipse.kapua.KapuaException) AttributePredicate(org.eclipse.kapua.commons.model.query.predicate.AttributePredicate) ShiroException(org.apache.shiro.ShiroException) UserPermissionQuery(org.eclipse.kapua.service.authorization.user.permission.UserPermissionQuery) UserPermission(org.eclipse.kapua.service.authorization.user.permission.UserPermission) Permission(org.eclipse.kapua.service.authorization.permission.Permission) UserPermissionService(org.eclipse.kapua.service.authorization.user.permission.UserPermissionService) UserPermissionFactory(org.eclipse.kapua.service.authorization.user.permission.UserPermissionFactory) KapuaPredicate(org.eclipse.kapua.model.query.predicate.KapuaPredicate) UserPermission(org.eclipse.kapua.service.authorization.user.permission.UserPermission)

Example 2 with KapuaPredicate

use of org.eclipse.kapua.model.query.predicate.KapuaPredicate in project kapua by eclipse.

the class ServiceDAO method handleOrPredicate.

@SuppressWarnings("rawtypes")
private static <E> Expression<Boolean> handleOrPredicate(KapuaOrPredicate andPredicate, Map<ParameterExpression, Object> binds, CriteriaBuilder cb, Root<E> entityRoot, EntityType<E> entityType) throws KapuaException {
    List<Expression<Boolean>> exprs = new ArrayList<Expression<Boolean>>();
    for (KapuaPredicate pred : andPredicate.getPredicates()) {
        Expression<Boolean> expr = handleKapuaQueryPredicates(pred, binds, cb, entityRoot, entityType);
        exprs.add(expr);
    }
    return cb.or(exprs.toArray(new Predicate[] {}));
}
Also used : Expression(javax.persistence.criteria.Expression) ParameterExpression(javax.persistence.criteria.ParameterExpression) ArrayList(java.util.ArrayList) KapuaPredicate(org.eclipse.kapua.model.query.predicate.KapuaPredicate) KapuaAndPredicate(org.eclipse.kapua.model.query.predicate.KapuaAndPredicate) KapuaOrPredicate(org.eclipse.kapua.model.query.predicate.KapuaOrPredicate) Predicate(javax.persistence.criteria.Predicate) KapuaPredicate(org.eclipse.kapua.model.query.predicate.KapuaPredicate) KapuaAttributePredicate(org.eclipse.kapua.model.query.predicate.KapuaAttributePredicate)

Example 3 with KapuaPredicate

use of org.eclipse.kapua.model.query.predicate.KapuaPredicate in project kapua by eclipse.

the class DeviceConnectionServiceImpl method findByClientId.

@Override
public DeviceConnection findByClientId(KapuaId scopeId, String clientId) throws KapuaException {
    // 
    // Argument Validation
    ArgumentValidator.notNull(scopeId, "scopeId");
    ArgumentValidator.notEmptyOrNull(clientId, "clientId");
    // 
    // Build query
    DeviceConnectionQueryImpl query = new DeviceConnectionQueryImpl(scopeId);
    KapuaPredicate predicate = new AttributePredicate<String>(DeviceConnectionPredicates.CLIENT_ID, clientId);
    query.setPredicate(predicate);
    // 
    // Query and parse result
    DeviceConnection device = null;
    DeviceConnectionListResult result = query(query);
    if (result.getSize() == 1) {
        device = result.getItem(0);
    }
    return device;
}
Also used : DeviceConnectionListResult(org.eclipse.kapua.service.device.registry.connection.DeviceConnectionListResult) DeviceConnection(org.eclipse.kapua.service.device.registry.connection.DeviceConnection) KapuaPredicate(org.eclipse.kapua.model.query.predicate.KapuaPredicate) AttributePredicate(org.eclipse.kapua.commons.model.query.predicate.AttributePredicate)

Example 4 with KapuaPredicate

use of org.eclipse.kapua.model.query.predicate.KapuaPredicate in project kapua by eclipse.

the class CredentialServiceImpl method findByUserId.

@Override
public CredentialListResult findByUserId(KapuaId scopeId, KapuaId userId) throws KapuaException {
    // 
    // Argument Validation
    ArgumentValidator.notNull(scopeId, "scopeId");
    ArgumentValidator.notNull(userId, "userId");
    // 
    // Check Access
    KapuaLocator locator = KapuaLocator.getInstance();
    AuthorizationService authorizationService = locator.getService(AuthorizationService.class);
    PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class);
    authorizationService.checkPermission(permissionFactory.newPermission(CredentialDomain.CREDENTIAL, Actions.read, scopeId));
    // 
    // Build query
    CredentialQuery query = new CredentialQueryImpl(scopeId);
    KapuaPredicate predicate = new AttributePredicate<KapuaId>(CredentialPredicates.USER_ID, userId);
    query.setPredicate(predicate);
    // Query and return result
    return query(query);
}
Also used : CredentialQuery(org.eclipse.kapua.service.authentication.credential.CredentialQuery) KapuaLocator(org.eclipse.kapua.locator.KapuaLocator) AuthorizationService(org.eclipse.kapua.service.authorization.AuthorizationService) PermissionFactory(org.eclipse.kapua.service.authorization.permission.PermissionFactory) KapuaPredicate(org.eclipse.kapua.model.query.predicate.KapuaPredicate) AttributePredicate(org.eclipse.kapua.commons.model.query.predicate.AttributePredicate)

Example 5 with KapuaPredicate

use of org.eclipse.kapua.model.query.predicate.KapuaPredicate in project kapua by eclipse.

the class ServiceDAO method handleAndPredicate.

@SuppressWarnings("rawtypes")
private static <E> Expression<Boolean> handleAndPredicate(KapuaAndPredicate andPredicate, Map<ParameterExpression, Object> binds, CriteriaBuilder cb, Root<E> entityRoot, EntityType<E> entityType) throws KapuaException {
    List<Expression<Boolean>> exprs = new ArrayList<Expression<Boolean>>();
    for (KapuaPredicate pred : andPredicate.getPredicates()) {
        Expression<Boolean> expr = handleKapuaQueryPredicates(pred, binds, cb, entityRoot, entityType);
        exprs.add(expr);
    }
    return cb.and(exprs.toArray(new Predicate[] {}));
}
Also used : Expression(javax.persistence.criteria.Expression) ParameterExpression(javax.persistence.criteria.ParameterExpression) ArrayList(java.util.ArrayList) KapuaPredicate(org.eclipse.kapua.model.query.predicate.KapuaPredicate) KapuaAndPredicate(org.eclipse.kapua.model.query.predicate.KapuaAndPredicate) KapuaOrPredicate(org.eclipse.kapua.model.query.predicate.KapuaOrPredicate) Predicate(javax.persistence.criteria.Predicate) KapuaPredicate(org.eclipse.kapua.model.query.predicate.KapuaPredicate) KapuaAttributePredicate(org.eclipse.kapua.model.query.predicate.KapuaAttributePredicate)

Aggregations

KapuaPredicate (org.eclipse.kapua.model.query.predicate.KapuaPredicate)6 AttributePredicate (org.eclipse.kapua.commons.model.query.predicate.AttributePredicate)4 ArrayList (java.util.ArrayList)2 Expression (javax.persistence.criteria.Expression)2 ParameterExpression (javax.persistence.criteria.ParameterExpression)2 Predicate (javax.persistence.criteria.Predicate)2 KapuaLocator (org.eclipse.kapua.locator.KapuaLocator)2 KapuaAndPredicate (org.eclipse.kapua.model.query.predicate.KapuaAndPredicate)2 KapuaAttributePredicate (org.eclipse.kapua.model.query.predicate.KapuaAttributePredicate)2 KapuaOrPredicate (org.eclipse.kapua.model.query.predicate.KapuaOrPredicate)2 PermissionFactory (org.eclipse.kapua.service.authorization.permission.PermissionFactory)2 Callable (java.util.concurrent.Callable)1 ShiroException (org.apache.shiro.ShiroException)1 AuthenticationException (org.apache.shiro.authc.AuthenticationException)1 UnknownAccountException (org.apache.shiro.authc.UnknownAccountException)1 SimpleAuthorizationInfo (org.apache.shiro.authz.SimpleAuthorizationInfo)1 KapuaException (org.eclipse.kapua.KapuaException)1 CredentialQuery (org.eclipse.kapua.service.authentication.credential.CredentialQuery)1 AuthorizationService (org.eclipse.kapua.service.authorization.AuthorizationService)1 Permission (org.eclipse.kapua.service.authorization.permission.Permission)1