
Example 1 with PolicyEntry

use of org.eclipse.vorto.repository.core.PolicyEntry in project vorto by eclipse.

the class ModelRepositoryController method removePolicyEntry.

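/**
 * Removes the policy entry of a single principal from a model.
 *
 * <p>Access is enforced declaratively by {@code @PreAuthorize}: the caller needs either the
 * {@code sysadmin} authority or {@code FULL_ACCESS} permission on the model named by
 * {@code modelId}. On top of that, the method refuses to touch the caller's own entry, which
 * keeps a model administrator from changing their own policy through this endpoint.
 *
 * @param modelId       pretty-format model id taken from the request path
 * @param principalId   id of the principal whose entry is removed
 * @param principalType name of a {@code PrincipalType} constant, taken from the request path
 * @throws NullPointerException     if any argument is {@code null}
 * @throws IllegalArgumentException if the entry belongs to the current user, or (presumably,
 *                                  {@code PrincipalType} looks like an enum) if
 *                                  {@code principalType} does not name a known constant
 */
@PreAuthorize("hasAuthority('sysadmin') or " + "hasPermission(T(org.eclipse.vorto.model.ModelId).fromPrettyFormat(#modelId)," + "T(org.eclipse.vorto.repository.core.PolicyEntry.Permission).FULL_ACCESS)")
@DeleteMapping(value = "/{modelId:.+}/policies/{principalId:.+}/{principalType:.+}")
public void removePolicyEntry(@PathVariable final String modelId, @PathVariable final String principalId, @PathVariable final String principalType) {
    Objects.requireNonNull(modelId, "modelID must not be null");
    Objects.requireNonNull(principalId, "principalID must not be null");
    // All three path variables are caller-controlled; check the third one explicitly so a
    // missing value fails with a clear message instead of inside PrincipalType.valueOf.
    Objects.requireNonNull(principalType, "principalType must not be null");

    // The permission is left null: the entry only identifies the principal to remove.
    // NOTE(review): how removePolicyEntry matches an entry (principal only, or principal plus
    // permission) is not visible here; confirm a null permission selects the intended entry.
    final PolicyEntry entry = PolicyEntry.of(principalId, PrincipalType.valueOf(principalType), null);

    // Guard against a caller editing their own access on the model.
    if (attemptChangePolicyOfCurrentUser(entry)) {
        throw new IllegalArgumentException("Cannot change policy of current user");
    }

    // NOTE(review): the HTTP status produced for the exceptions above depends on exception
    // handlers that are not part of this method.
    getPolicyManager(getWorkspaceId(modelId)).removePolicyEntry(ModelId.fromPrettyFormat(modelId), entry);
}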
Also used : PolicyEntry(org.eclipse.vorto.repository.core.PolicyEntry) DeleteMapping(org.springframework.web.bind.annotation.DeleteMapping) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)

Example 2 with PolicyEntry

use of org.eclipse.vorto.repository.core.PolicyEntry in project vorto by eclipse.

the class ModelPolicyManager method createAceForEveryEntryInNewEntries.

/**
 * Adds one access-control entry to {@code _acl} for every policy entry that maps to at least
 * one privilege.
 *
 * <p>Privilege names come from {@code createPrivileges} and are resolved through the
 * {@link AccessControlManager}. A policy entry that yields no privilege names is skipped
 * without any entry being written for its principal.
 *
 * @param acm        manager used to resolve privilege names to {@link Privilege} objects
 * @param _acl       access control list that receives the new entries
 * @param newEntries policy entries to translate
 * @throws RepositoryException if a privilege name cannot be resolved or the entry cannot be added
 */
private void createAceForEveryEntryInNewEntries(AccessControlManager acm, AccessControlList _acl, PolicyEntry[] newEntries) throws RepositoryException {
    for (PolicyEntry policyEntry : newEntries) {
        String[] privilegeNames = createPrivileges(policyEntry);
        if (privilegeNames.length == 0) {
            // Nothing to grant for this principal, so no entry is written.
            continue;
        }
        Privilege[] resolved = new Privilege[privilegeNames.length];
        int slot = 0;
        for (String privilegeName : privilegeNames) {
            resolved[slot++] = acm.privilegeFromName(privilegeName);
        }
        _acl.addAccessControlEntry(SimplePrincipal.newInstance(policyEntry.toACEPrincipal()), resolved);
    }
}
Also used : Privilege(javax.jcr.security.Privilege) PolicyEntry(org.eclipse.vorto.repository.core.PolicyEntry)

Example 3 with PolicyEntry

use of org.eclipse.vorto.repository.core.PolicyEntry in project vorto by eclipse.

the class ModelPolicyManager method makePolicyEntryReadOnly.

/**
 * Downgrades a principal's access on a model to read-only.
 *
 * <p>A {@code READ} entry is added for the same principal id and type first, and only then is
 * {@code entryToChange} removed, so the principal is not left without any entry between the
 * two calls.
 *
 * @param modelId       model whose policy is changed
 * @param entryToChange existing entry to replace with a read-only one
 */
@Override
public void makePolicyEntryReadOnly(ModelId modelId, PolicyEntry entryToChange) {
    // Build the replacement entry: same principal, READ permission.
    PolicyEntry readOnlyEntry = new PolicyEntry();
    readOnlyEntry.setPrincipalId(entryToChange.getPrincipalId());
    readOnlyEntry.setPrincipalType(entryToChange.getPrincipalType());
    readOnlyEntry.setPermission(Permission.READ);

    // Grant read access before taking the old entry away.
    addPolicyEntry(modelId, readOnlyEntry);

    // NOTE(review): both entries name the same principal. Whether removePolicyEntry matches on
    // the principal alone or also on the permission is not visible here; confirm the READ entry
    // added above survives this call.
    removePolicyEntry(modelId, entryToChange);
}
Also used : PolicyEntry(org.eclipse.vorto.repository.core.PolicyEntry)

Example 4 with PolicyEntry

use of org.eclipse.vorto.repository.core.PolicyEntry in project vorto by eclipse.

the class ClaimOwnership method execute.

/**
 * Transfers ownership of a model to the given user by rewriting the model's policy.
 *
 * <p>Every existing policy entry of the model is removed, then two {@code FULL_ACCESS} entries
 * are added: one for the user and one for the {@code SYS_ADMIN} role. Finally the model's
 * author is set to the user and the metadata is saved.
 *
 * @param model   model being claimed
 * @param user    user context supplying the username, workspace id and authentication
 * @param context not read by this method
 */
@Override
public void execute(ModelInfo model, IUserContext user, Map<String, Object> context) {
    // NOTE(review): the username is concatenated into the log message as-is; confirm it cannot
    // contain line breaks, or switch to a logger call that takes it as a parameter.
    LOGGER.info("Claiming model " + model.getId() + " of user '" + user.getUsername() + "' and role 'admin'");
    Collection<PolicyEntry> policies = repositoryFactory.getPolicyManager(user.getWorkspaceId(), user.getAuthentication()).getPolicyEntries(model.getId());
    // Wipe the current access list; each removed entry is logged, which leaves a record of
    // who had access before the claim.
    // NOTE(review): entries are removed while iterating over 'policies'. Confirm
    // getPolicyEntries returns a snapshot rather than a live view.
    for (PolicyEntry entry : policies) {
        LOGGER.info("removing " + entry);
        repositoryFactory.getPolicyManager(user.getWorkspaceId(), user.getAuthentication()).removePolicyEntry(model.getId(), entry);
    }
    // Grant FULL_ACCESS to the claiming user and to the sysadmin role.
    // NOTE(review): nothing visible here makes the removals and this grant atomic; if this call
    // fails, the model may be left with no policy entries. Confirm the transaction handling.
    repositoryFactory.getPolicyManager(user.getWorkspaceId(), user.getAuthentication()).addPolicyEntry(model.getId(), PolicyEntry.of(user.getUsername(), PrincipalType.User, Permission.FULL_ACCESS), PolicyEntry.of(RepositoryRole.SYS_ADMIN.getName(), PrincipalType.Role, Permission.FULL_ACCESS));
    // Record the new owner in the model metadata and persist it.
    model.setAuthor(user.getUsername());
    repositoryFactory.getRepository(user.getWorkspaceId(), user.getAuthentication()).updateMeta(model);
}
Also used : PolicyEntry(org.eclipse.vorto.repository.core.PolicyEntry)

Example 5 with PolicyEntry

use of org.eclipse.vorto.repository.core.PolicyEntry in project vorto by eclipse.

the class IntegrationTestBase method setPublic.

/**
 * Test helper that grants {@code READ} on a model to the principal named by
 * {@link IModelPolicyManager#ANONYMOUS_ACCESS_POLICY}.
 *
 * <p>The entry is serialized with Gson and sent as a {@code PUT} to the model's policies
 * endpoint using the sysadmin test user.
 *
 * @param modelId id of the model, inserted into the request path as given
 * @throws Exception if performing the request fails
 */
protected void setPublic(String modelId) throws Exception {
    PolicyEntry anonymousRead = new PolicyEntry();
    anonymousRead.setPrincipalType(PolicyEntry.PrincipalType.User);
    anonymousRead.setPermission(PolicyEntry.Permission.READ);
    anonymousRead.setPrincipalId(IModelPolicyManager.ANONYMOUS_ACCESS_POLICY);

    String policiesUrl = "/rest/models/" + modelId + "/policies";
    String requestBody = new Gson().toJson(anonymousRead);

    // NOTE(review): the response is not inspected, so a rejected request would go unnoticed
    // here; tests relying on the model being public should assert that themselves.
    repositoryServer.perform(
        put(policiesUrl)
            .with(userSysadmin)
            .contentType(MediaType.APPLICATION_JSON)
            .content(requestBody));
}
Also used : Gson(com.google.gson.Gson) PolicyEntry(org.eclipse.vorto.repository.core.PolicyEntry)
