Examples with IRole - org.eclipse.vorto.repository.domain.IRole

Example 1 with IRole

use of org.eclipse.vorto.repository.domain.IRole in project vorto by eclipse.

the class EntityDTOConverter method createCollaborators.

public static Collection<Collaborator> createCollaborators(Map<User, Collection<IRole>> usersAndRoles) {
    Collection<Collaborator> result = new TreeSet<>(Comparator.comparing(Collaborator::getUserId));
    usersAndRoles.forEach((u, c) -> {
        Collaborator collaborator = new Collaborator();
        collaborator.setAuthenticationProviderId(u.getAuthenticationProviderId());
        collaborator.setRoles(c.stream().map(IRole::getName).collect(Collectors.toSet()));
        collaborator.setSubject(u.getSubject());
        collaborator.setTechnicalUser(u.isTechnicalUser());
        collaborator.setUserId(u.getUsername());
        result.add(collaborator);
    });
    return result;
}

Also used : Collaborator(org.eclipse.vorto.repository.web.api.v1.dto.Collaborator) IRole(org.eclipse.vorto.repository.domain.IRole) TreeSet(java.util.TreeSet)

Example 2 with IRole

use of org.eclipse.vorto.repository.domain.IRole in project vorto by eclipse.

the class SearchTestInfrastructure method setupNamespaceMocking.

private void setupNamespaceMocking() throws OperationForbiddenException, DoesNotExistException {
    when(namespaceService.resolveWorkspaceIdForNamespace(anyString())).thenReturn(Optional.of("playground"));
    when(namespaceService.findNamespaceByWorkspaceId(anyString())).thenReturn(mockNamespace());
    when(namespaceRepository.findAll()).thenReturn(Arrays.asList(mockNamespace()));
    when(userNamespaceRoleService.hasRole(anyString(), any(), any())).thenReturn(true);
    when(userNamespaceRoleService.getNamespaces(anyString(), anyString())).thenReturn(Arrays.asList(mockNamespace()));
    List<String> workspaceIds = new ArrayList<>();
    workspaceIds.add("playground");
    when(namespaceService.findAllWorkspaceIds()).thenReturn(workspaceIds);
    NamespaceRole role = new NamespaceRole();
    role.setName("namespace_admin");
    role.setPrivileges(7);
    role.setRole(32);
    Set<IRole> roles = new HashSet<>();
    roles.add(role);
    when(userNamespaceRoleService.getRoles(anyString(), anyString())).thenReturn(roles);
    when(userNamespaceRoleService.getRoles(any(User.class), any(Namespace.class))).thenReturn(roles);
    Set<Privilege> privileges = new HashSet<>(Arrays.asList(Privilege.DEFAULT_PRIVILEGES));
    when(privilegeService.getPrivileges(anyLong())).thenReturn(privileges);
}

Also used : User(org.eclipse.vorto.repository.domain.User) IRole(org.eclipse.vorto.repository.domain.IRole) ArrayList(java.util.ArrayList) NamespaceRole(org.eclipse.vorto.repository.domain.NamespaceRole) Matchers.anyString(org.mockito.Matchers.anyString) Privilege(org.eclipse.vorto.repository.domain.Privilege) Namespace(org.eclipse.vorto.repository.domain.Namespace) HashSet(java.util.HashSet)

Example 3 with IRole

use of org.eclipse.vorto.repository.domain.IRole in project vorto by eclipse.

the class NamespaceController method getAllNamespacesForLoggedUser.

/**
 * @return all namespaces the logged on user has access to.
 */
@RequestMapping(method = RequestMethod.GET, value = "/all")
@PreAuthorize("isAuthenticated()")
public ResponseEntity<Collection<NamespaceDto>> getAllNamespacesForLoggedUser() {
    IUserContext userContext = UserContext.user(SecurityContextHolder.getContext().getAuthentication());
    Collection<NamespaceDto> namespaces = new TreeSet<>(Comparator.comparing(NamespaceDto::getName));
    try {
        for (Map.Entry<Namespace, Map<User, Collection<IRole>>> entry : userNamespaceRoleService.getNamespacesCollaboratorsAndRoles(userContext.getUsername(), userContext.getUsername(), "namespace_admin").entrySet()) {
            namespaces.add(EntityDTOConverter.createNamespaceDTO(entry.getKey(), entry.getValue()));
        }
    } catch (OperationForbiddenException ofe) {
        return new ResponseEntity<>(namespaces, HttpStatus.FORBIDDEN);
    } catch (DoesNotExistException d) {
        return new ResponseEntity<>(namespaces, HttpStatus.NOT_FOUND);
    }
    return new ResponseEntity<>(namespaces, HttpStatus.OK);
}

Also used : IUserContext(org.eclipse.vorto.repository.core.IUserContext) NamespaceDto(org.eclipse.vorto.repository.web.api.v1.dto.NamespaceDto) OperationForbiddenException(org.eclipse.vorto.repository.services.exceptions.OperationForbiddenException) DoesNotExistException(org.eclipse.vorto.repository.services.exceptions.DoesNotExistException) ResponseEntity(org.springframework.http.ResponseEntity) IRole(org.eclipse.vorto.repository.domain.IRole) TreeSet(java.util.TreeSet) Map(java.util.Map) Namespace(org.eclipse.vorto.repository.domain.Namespace) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 4 with IRole

use of org.eclipse.vorto.repository.domain.IRole in project vorto by eclipse.

the class IsReviewerCondition method passesCondition.

@Override
public boolean passesCondition(ModelInfo model, IUserContext user) {
    IRole role = roleService.findAnyByName("model_reviewer").orElseThrow(() -> new IllegalStateException("model_reviewer role not found."));
    User foundUser = userAccountService.getUser(user.getUsername());
    return Objects.nonNull(foundUser) && hasRole(user, foundUser, role);
}

Also used : User(org.eclipse.vorto.repository.domain.User) IRole(org.eclipse.vorto.repository.domain.IRole)

Example 5 with IRole

use of org.eclipse.vorto.repository.domain.IRole in project vorto by eclipse.

the class ReadOnlyRoleAccessPolicy method execute.

@Override
public void execute(ModelInfo model, IUserContext user, Map<String, Object> context) {
    IModelPolicyManager policyManager = repositoryFactory.getPolicyManager(user.getWorkspaceId(), user.getAuthentication());
    IRole role = roleToMakeReadOnly.get();
    LOGGER.info(String.format("Setting read-only access to model [%s] for role [%s].", model.getId(), role.getName()));
    Collection<PolicyEntry> policies = policyManager.getPolicyEntries(model.getId());
    for (PolicyEntry policy : policies) {
        if (policy.getPrincipalId().equals(role.getName()) && policy.getPrincipalType() == PrincipalType.Role) {
            policyManager.makePolicyEntryReadOnly(model.getId(), policy);
            break;
        }
    }
}

Also used : IRole(org.eclipse.vorto.repository.domain.IRole) PolicyEntry(org.eclipse.vorto.repository.core.PolicyEntry) IModelPolicyManager(org.eclipse.vorto.repository.core.IModelPolicyManager)

Aggregations

IRole (org.eclipse.vorto.repository.domain.IRole)7 User (org.eclipse.vorto.repository.domain.User)3 TreeSet (java.util.TreeSet)2 IModelPolicyManager (org.eclipse.vorto.repository.core.IModelPolicyManager)2 PolicyEntry (org.eclipse.vorto.repository.core.PolicyEntry)2 Namespace (org.eclipse.vorto.repository.domain.Namespace)2 ArrayList (java.util.ArrayList)1 HashSet (java.util.HashSet)1 Map (java.util.Map)1 IUserContext (org.eclipse.vorto.repository.core.IUserContext)1 NamespaceRole (org.eclipse.vorto.repository.domain.NamespaceRole)1 Privilege (org.eclipse.vorto.repository.domain.Privilege)1 DoesNotExistException (org.eclipse.vorto.repository.services.exceptions.DoesNotExistException)1 OperationForbiddenException (org.eclipse.vorto.repository.services.exceptions.OperationForbiddenException)1 Collaborator (org.eclipse.vorto.repository.web.api.v1.dto.Collaborator)1 NamespaceDto (org.eclipse.vorto.repository.web.api.v1.dto.NamespaceDto)1 Matchers.anyString (org.mockito.Matchers.anyString)1 ResponseEntity (org.springframework.http.ResponseEntity)1 PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)1 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)1