use of org.finra.herd.model.annotation.NamespacePermission in project herd by FINRAOS.
the class CustomDdlServiceImpl method updateCustomDdl.
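/**
 * Updates the DDL text of an existing custom DDL identified by its key.
 *
 * <p>Access is declared through {@code @NamespacePermission}: WRITE on the namespace read from
 * {@code customDdlKey.namespace}.
 * NOTE(review): the annotation expression is evaluated against the key as supplied by the caller, while this
 * body only normalizes the key in {@code validateCustomDdlKey}. Confirm that the permission check and the
 * entity lookup resolve the same namespace value.
 *
 * @param customDdlKey the custom DDL key
 * @param request the update request carrying the new DDL text; its DDL is trimmed in place
 *
 * @return the custom DDL information built from the persisted entity
 */
@NamespacePermission(fields = "#customDdlKey.namespace", permissions = NamespacePermissionEnum.WRITE)
@Override
public CustomDdl updateCustomDdl(CustomDdlKey customDdlKey, CustomDdlUpdateRequest request) {
    // Validate and trim the key.
    customDdlHelper.validateCustomDdlKey(customDdlKey);

    // Reject a missing request explicitly, so a null argument fails validation instead of raising a
    // NullPointerException on the next line.
    Assert.notNull(request, "A custom DDL update request must be specified.");

    // Validate the DDL, then store the trimmed text back on the request (a caller-visible mutation).
    Assert.hasText(request.getDdl(), "DDL must be specified.");
    request.setDdl(request.getDdl().trim());

    // Look up the existing entity for the key.
    // The original comment states that this helper ensures the entity exists.
    CustomDdlEntity customDdlEntity = customDdlDaoHelper.getCustomDdlEntity(customDdlKey);

    // Only the DDL text is updated; no other entity field is touched here.
    customDdlEntity.setDdl(request.getDdl());

    // Persist, then build the response from what was actually stored.
    customDdlEntity = customDdlDao.saveAndRefresh(customDdlEntity);
    return createCustomDdlFromEntity(customDdlEntity);
}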
use of org.finra.herd.model.annotation.NamespacePermission in project herd by FINRAOS.
the class NamespaceIamRoleAuthorizationServiceImpl method updateNamespaceIamRoleAuthorization.
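/**
 * Replaces the IAM role authorizations of a namespace with the roles listed in the request.
 *
 * <p>Every existing authorization entity of the namespace is deleted, then one entity is created and saved
 * per requested role. Access is declared through {@code @NamespacePermission}: GRANT on the {@code namespace}
 * argument.
 * NOTE(review): the annotation expression sees the raw {@code namespace} argument, while the lookup below
 * uses {@code namespace.trim()}. Confirm that the permission check normalizes the value the same way.
 *
 * @param namespace the namespace code; must contain text
 * @param request the update request carrying the new IAM roles; must not be null
 *
 * @return the namespace code together with the IAM roles that were saved
 */
@NamespacePermission(fields = "#namespace", permissions = NamespacePermissionEnum.GRANT)
@Override
public NamespaceIamRoleAuthorization updateNamespaceIamRoleAuthorization(String namespace, NamespaceIamRoleAuthorizationUpdateRequest request) {
    Assert.hasText(namespace, "Namespace must be specified");
    // Name the update request type in the message, so the caller is told which argument is missing.
    Assert.notNull(request, "NamespaceIamRoleAuthorizationUpdateRequest must be specified");
    validateIamRoles(request.getIamRoles());

    NamespaceEntity namespaceEntity = namespaceDaoHelper.getNamespaceEntity(namespace.trim());

    // Remove the current authorizations before writing the new set.
    // NOTE(review): delete followed by re-create only leaves a consistent role set if both run in one
    // transaction. The transaction boundary is not visible in this method, so confirm it at the class level.
    List<NamespaceIamRoleAuthorizationEntity> existingAuthorizations = getNamespaeIamRoleAuthorizationEntities(namespaceEntity);
    for (NamespaceIamRoleAuthorizationEntity existingAuthorization : existingAuthorizations) {
        namespaceIamRoleAuthorizationDao.delete(existingAuthorization);
    }

    // Build the response from the saved entities rather than echoing the request.
    NamespaceIamRoleAuthorization result = new NamespaceIamRoleAuthorization(namespaceEntity.getCode(), new ArrayList<>());
    for (IamRole iamRole : request.getIamRoles()) {
        NamespaceIamRoleAuthorizationEntity savedAuthorization = createNamespaceIamRoleAuthorizationEntity(namespaceEntity, iamRole);
        namespaceIamRoleAuthorizationDao.saveAndRefresh(savedAuthorization);
        result.getIamRoles().add(new IamRole(savedAuthorization.getIamRoleName(), savedAuthorization.getDescription()));
    }
    return result;
}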
use of org.finra.herd.model.annotation.NamespacePermission in project herd by FINRAOS.
the class NamespaceIamRoleAuthorizationServiceImpl method createNamespaceIamRoleAuthorization.
/**
 * Creates the IAM role authorizations of a namespace from the roles listed in the request.
 *
 * <p>Access is declared through {@code @NamespacePermission}: GRANT on {@code request.namespace}. The
 * expression uses SpEL safe navigation ({@code ?.}), so a null request evaluates to a null namespace
 * instead of failing during evaluation.
 * NOTE(review): how the permission check treats a null namespace is not visible here. The
 * {@code Assert.notNull} below rejects a null request only once this body runs.
 *
 * @param request the create request carrying the namespace and its IAM roles; must not be null
 *
 * @return the namespace code together with the IAM roles that were saved
 */
@NamespacePermission(fields = "#request?.namespace", permissions = NamespacePermissionEnum.GRANT)
@Override
public NamespaceIamRoleAuthorization createNamespaceIamRoleAuthorization(NamespaceIamRoleAuthorizationCreateRequest request) {
    // Argument validation: the request, its namespace text, then its roles.
    Assert.notNull(request, "NamespaceIamRoleAuthorizationCreateRequest must be specified");
    Assert.hasText(request.getNamespace(), "Namespace must be specified");
    validateIamRoles(request.getIamRoles());

    // Resolve the namespace from the trimmed code, then run the not-exist assertion on it.
    String namespaceCode = request.getNamespace().trim();
    NamespaceEntity namespaceEntity = namespaceDaoHelper.getNamespaceEntity(namespaceCode);
    assertNamespaceIamRoleAuthorizationNotExist(namespaceEntity);

    // Save one authorization entity per role and report the saved values back.
    NamespaceIamRoleAuthorization authorization = new NamespaceIamRoleAuthorization(namespaceEntity.getCode(), new ArrayList<>());
    for (IamRole requestedRole : request.getIamRoles()) {
        NamespaceIamRoleAuthorizationEntity authorizationEntity = createNamespaceIamRoleAuthorizationEntity(namespaceEntity, requestedRole);
        namespaceIamRoleAuthorizationDao.saveAndRefresh(authorizationEntity);

        String savedRoleName = authorizationEntity.getIamRoleName();
        String savedDescription = authorizationEntity.getDescription();
        authorization.getIamRoles().add(new IamRole(savedRoleName, savedDescription));
    }
    return authorization;
}
use of org.finra.herd.model.annotation.NamespacePermission in project herd by FINRAOS.
the class NamespaceSecurityAdvice method checkPermission.
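/**
 * Checks namespace permissions before an advised service method executes.
 *
 * <p>Reads the {@code @NamespacePermissions} container or, if it is absent, a single
 * {@code @NamespacePermission} from the intercepted method. Each {@code fields} entry is evaluated as a
 * SpEL expression with the method arguments bound by parameter name, and the result is passed to
 * {@code namespaceSecurityHelper.checkPermission} with the declared permissions. Every
 * {@code AccessDeniedException} is collected, so all expressions are checked before one combined exception
 * is thrown. Any other exception, for example from expression evaluation, propagates immediately and the
 * advised method does not run. A method carrying neither annotation passes through unchecked.
 *
 * @param joinPoint the join point of the intercepted service method
 *
 * @throws IllegalStateException if the method declares permissions but its parameter names cannot be
 * matched to its arguments
 */
@Before("serviceMethods()")
public void checkPermission(JoinPoint joinPoint) {
    MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature();
    // NOTE(review): the annotations are read from the Method reported by the signature. If that resolves to
    // an interface method while the annotations sit on the implementation, none are found and the call is
    // not checked. Confirm the proxy configuration, or resolve the target class method instead.
    Method method = methodSignature.getMethod();

    // The container wins: when @NamespacePermissions is present, a @NamespacePermission declared directly
    // on the same method is not read.
    List<NamespacePermission> namespacePermissions = new ArrayList<>();
    NamespacePermissions container = method.getAnnotation(NamespacePermissions.class);
    if (container != null) {
        namespacePermissions.addAll(Arrays.asList(container.value()));
    } else {
        NamespacePermission single = method.getAnnotation(NamespacePermission.class);
        if (single != null) {
            namespacePermissions.add(single);
        }
    }

    // Nothing is declared on this method, so there is nothing to enforce.
    if (namespacePermissions.isEmpty()) {
        return;
    }

    String[] parameterNames = methodSignature.getParameterNames();
    Object[] args = joinPoint.getArgs();

    // Fail closed with a clear message. Parameter names can be unavailable (e.g. a class compiled without
    // them), and without names the permission expressions cannot be bound to the arguments.
    if (parameterNames == null || parameterNames.length != args.length) {
        throw new IllegalStateException(
            "Unable to resolve parameter names for the namespace permission check on method \"" + method.getName() + "\".");
    }

    // Expose each argument to the expressions under its parameter name.
    Map<String, Object> variables = new HashMap<>();
    for (int i = 0; i < parameterNames.length; i++) {
        variables.put(parameterNames[i], args[i]);
    }

    // Evaluate every declared expression and collect the denials rather than stopping at the first one.
    List<AccessDeniedException> accessDeniedExceptions = new ArrayList<>();
    for (NamespacePermission namespacePermission : namespacePermissions) {
        for (String field : namespacePermission.fields()) {
            try {
                Object namespaceValue = spelExpressionHelper.evaluate(field, Object.class, variables);
                namespaceSecurityHelper.checkPermission(namespaceValue, namespacePermission.permissions());
            } catch (AccessDeniedException accessDeniedException) {
                accessDeniedExceptions.add(accessDeniedException);
            }
        }
    }

    // A single denial is enough to block the call.
    if (!accessDeniedExceptions.isEmpty()) {
        throw namespaceSecurityHelper.getAccessDeniedException(accessDeniedExceptions);
    }
}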
use of org.finra.herd.model.annotation.NamespacePermission in project herd by FINRAOS.
the class BusinessObjectDefinitionTagServiceImpl method deleteBusinessObjectDefinitionTag.
/**
 * Deletes an existing business object definition tag and returns its last known state.
 *
 * <p>Access is declared through {@code @NamespacePermission} on the namespace of the tagged business
 * object definition, listing WRITE_DESCRIPTIVE_CONTENT and WRITE.
 * NOTE(review): whether the two listed permissions are alternatives or are both required is decided inside
 * the permission check, which is not visible here. Confirm before relying on either reading.
 *
 * @param businessObjectDefinitionTagKey the key of the business object definition tag to delete
 *
 * @return the business object definition tag built from the deleted entity
 */
@NamespacePermission(fields = "#businessObjectDefinitionTagKey.businessObjectDefinitionKey.namespace", permissions = { NamespacePermissionEnum.WRITE_DESCRIPTIVE_CONTENT, NamespacePermissionEnum.WRITE })
@Override
public BusinessObjectDefinitionTag deleteBusinessObjectDefinitionTag(BusinessObjectDefinitionTagKey businessObjectDefinitionTagKey) {
    // Validate and trim the business object definition tag key.
    validateBusinessObjectDefinitionTagKey(businessObjectDefinitionTagKey);

    // Look up the tag entity for the key, then delete it.
    // The original comment states that this helper ensures the entity exists.
    BusinessObjectDefinitionTagEntity tagEntity = getBusinessObjectDefinitionTagEntity(businessObjectDefinitionTagKey);
    businessObjectDefinitionTagDao.delete(tagEntity);

    // The owning business object definition lost a tag, so ask the search index to refresh it.
    BusinessObjectDefinitionKey owningDefinitionKey = businessObjectDefinitionTagKey.getBusinessObjectDefinitionKey();
    searchIndexUpdateHelper.modifyBusinessObjectDefinitionInSearchIndex(
        businessObjectDefinitionDaoHelper.getBusinessObjectDefinitionEntity(owningDefinitionKey), SEARCH_INDEX_UPDATE_TYPE_UPDATE);

    // Build the response from the entity that was just deleted.
    return createBusinessObjectDefinitionTagFromEntity(tagEntity);
}