Examples with GrantFunctionAccess org.jaffa.security.securityrolesdomain.GrantFunctionAccess used on opensource projects

Example 1 with GrantFunctionAccess

use of org.jaffa.security.securityrolesdomain.GrantFunctionAccess in project jaffa-framework by jaffa-projects.

the class RoleXmlLoadTest method testRoleRegistration.

/**
 * Verifies that we can register and unregsiter specific roles into the role repository.
 */
@Test
public void testRoleRegistration() {
    RoleManager roleManager = xmlLoaderConfig.getBean(RoleManager.class);
    assertNull(roleManager.getRole("CONTRACTOR"));
    Role contractorRole = new Role();
    GrantFunctionAccess grantFunctionAccess = new GrantFunctionAccess();
    grantFunctionAccess.setName("Function 1");
    contractorRole.getGrantFunctionAccess().add(grantFunctionAccess);
    ContextKey key = new ContextKey("CONTRACTOR", "roles.xml", VariationContext.NULL_VARIATION, "100-Highest");
    roleManager.registerRole(key, contractorRole);
    assertNotNull(roleManager.getRole("CONTRACTOR"));
    roleManager.unregisterRole(key);
    assertNull(roleManager.getRole("CONTRACTOR"));
}

Example 2 with GrantFunctionAccess

use of org.jaffa.security.securityrolesdomain.GrantFunctionAccess in project jaffa-framework by jaffa-projects.

the class CheckPolicy method checkPolicy.

/**
 * checkPolicy() - Compares the business functions from the businessFunctionManager with the contents of m_compoErrors.
 */
private static synchronized void checkPolicy() {
    // Read the business function file
    List<String> bfuncs = readFunctions();
    // Get mandatory functions per component
    Map compList = ComponentManager.getComponentRequirements();
    // For Each component make sure that the business functions are valid
    for (Iterator it = compList.keySet().iterator(); it.hasNext(); ) {
        String comp = (String) it.next();
        String[] funcs = (String[]) compList.get(comp);
        if (funcs == null) {
            continue;
        }
        for (int i = 0; i < funcs.length; i++) {
            if (!bfuncs.contains(funcs[i])) {
                m_compErrors.put(comp, funcs[i]);
                log.warn("Function '" + funcs[i] + "' on Component '" + comp + "' is Not Valid!");
            }
        }
    }
    // For Each role make sure that the business functions are valid
    List<Role> allRoles = PolicyManager.getAllRoles();
    for (Role role : allRoles) {
        for (GrantFunctionAccess grantFunctionAccess : role.getGrantFunctionAccess()) {
            if (!bfuncs.contains(grantFunctionAccess.getName())) {
                m_roleErrors.put(role.getName(), grantFunctionAccess.getName());
                log.warn("Business Function '" + grantFunctionAccess.getName() + "' in Role '" + role.getName() + "' is Not Valid!");
            }
        }
    }
}

Example 3 with GrantFunctionAccess

use of org.jaffa.security.securityrolesdomain.GrantFunctionAccess in project jaffa-framework by jaffa-projects.

the class RoleManager method buildRoleMap.

/**
 * buildRoleMap - Builds a hashmap of name-grantfunctionAccess lists for use in the PolicyCache.
 *
 * @return A Map of Role names as keys and values that contain a List of GrantFunctionAccess.
 */
public Map<String, List<String>> buildRoleMap() {
    Map<String, List<String>> nameGrantFunctionAccessMap = new HashMap<>();
    List<Role> roleList = getAllRoles();
    for (Role role : roleList) {
        if (log.isDebugEnabled())
            log.debug("Processing Role: " + role.getName());
        List<GrantFunctionAccess> access = role.getGrantFunctionAccess();
        List<String> funcs = null;
        if (access != null) {
            funcs = new LinkedList<>();
            // Add all the names in all of the GrantAccess objects to the list.
            for (GrantFunctionAccess gfa : access) {
                funcs.add(gfa.getName());
                if (log.isDebugEnabled())
                    log.debug("Processing Role: " + role.getName() + " has function " + gfa.getName());
            }
        }
        // If there are some functions, add it to the master Map
        if (funcs != null)
            nameGrantFunctionAccessMap.put(role.getName(), funcs);
    }
    return nameGrantFunctionAccessMap;
}

Example 4 with GrantFunctionAccess

use of org.jaffa.security.securityrolesdomain.GrantFunctionAccess in project jaffa-framework by jaffa-projects.

the class CheckPolicyComponent method getRoleMap.

/**
 * This creates a HashMap of role and list bussiness-functions for that role
 */
static HashMap getRoleMap() {
    // Get the roles, throws exceptions if there are issues
    RoleManager roleManager = PolicyManager.getRoleManager();
    Roles roles = (null != roleManager) ? roleManager.getRoles() : null;
    m_roleBFMap.clear();
    if (roles == null) {
        return m_roleBFMap;
    }
    List roleList = roles.getRole();
    // Bail if there are no roles....
    if (roleList == null) {
        return m_roleBFMap;
    }
    // Loop of all the role objects
    for (Iterator it = roleList.iterator(); it.hasNext(); ) {
        Role role = (Role) it.next();
        if (log.isDebugEnabled()) {
            log.debug("Processing Role: " + role.getName());
        }
        List access = role.getGrantFunctionAccess();
        List funcs = null;
        if (access != null) {
            funcs = new ArrayList();
            // Add all the names in all of the GrantAccess objects to the list.
            for (Iterator it2 = access.iterator(); it2.hasNext(); ) {
                GrantFunctionAccess gfa = (GrantFunctionAccess) it2.next();
                funcs.add(gfa.getName());
                if (log.isDebugEnabled()) {
                    log.debug("Processing Role: " + role.getName() + " has function " + gfa.getName());
                }
            }
        }
        // If there are some functions, add it to the master hashmap
        if (funcs != null) {
            m_roleBFMap.put(role.getName(), funcs);
        }
    }
    // Return the construsted Map
    return m_roleBFMap;
}