Example 1 with SubjectAcl
use of org.obiba.mica.security.domain.SubjectAcl in project mica2 by obiba.
the class CommentMailNotification method send.
@Override
public void send(Comment comment) {
MicaConfig config = micaConfigService.getConfig();
if (comment == null || !config.isCommentNotificationsEnabled())
return;
List<SubjectAcl> acls = Lists.newArrayList(SubjectAcl.newBuilder(Roles.MICA_REVIEWER, SubjectAcl.Type.GROUP).action(PermissionsUtils.asActions("REVIEWER")).build(), SubjectAcl.newBuilder(Roles.MICA_EDITOR, SubjectAcl.Type.GROUP).action(PermissionsUtils.asActions("EDITOR")).build());
acls.addAll(subjectAclService.findByResourceInstance(comment.getResourceId(), comment.getInstanceId()));
List<String> users = acls.stream().filter(s -> s.hasAction("VIEW") && s.getType() == SubjectAcl.Type.USER && !s.getPrincipal().equals(comment.getCreatedBy())).map(SubjectAcl::getPrincipal).collect(toList());
List<String> groups = acls.stream().filter(s -> s.hasAction("VIEW") && s.getType() == SubjectAcl.Type.GROUP).map(SubjectAcl::getPrincipal).collect(toList());
if (users.isEmpty() && groups.isEmpty())
return;
Map<String, String> ctx = Maps.newHashMap();
ctx.put("organization", config.getName());
ctx.put("publicUrl", micaConfigService.getPublicUrl());
ctx.put("documentType", comment.getResourceId().replaceFirst("/draft/", ""));
ctx.put("documentId", comment.getInstanceId());
ctx.put("createdBy", comment.getCreatedBy());
ctx.put("message", comment.getMessage());
ctx.put("status", comment.isNew() ? "CREATED" : "UPDATED");
String commentNotificationSubject = micaConfigService.getConfig().getCommentNotificationsSubject();
mailService.sendEmailToGroupsAndUsers(mailService.getSubject(commentNotificationSubject, ctx, DEFAULT_NOTIFICATION_SUBJECT), "commentAdded", ctx, groups, users);
}
Also used :
MicaConfig(org.obiba.mica.micaConfig.domain.MicaConfig)
SubjectAcl(org.obiba.mica.security.domain.SubjectAcl)
Example 2 with SubjectAcl
use of org.obiba.mica.security.domain.SubjectAcl in project mica2 by obiba.
the class SubjectAclService method addSubjectPermission.
/**
* Add a permission for the subject principal on a given instance.
*
* @param type
* @param principal
* @param resource
* @param action
* @param instance
*/
public synchronized void addSubjectPermission(@NotNull SubjectAcl.Type type, @NotNull String principal, @NotNull String resource, @Nullable String action, @Nullable String instance) {
List<SubjectAcl> acls = subjectAclRepository.findByPrincipalAndTypeAndResourceAndInstance(principal, type, resource, encode(instance));
SubjectAcl acl;
if (acls == null || acls.isEmpty()) {
acl = SubjectAcl.newBuilder(principal, type).resource(resource).action(action).instance(encode(instance)).build();
} else {
acl = acls.get(0);
acl.removeActions();
acl.addAction(action);
}
subjectAclRepository.save(acl);
// inform acls update (for caching)
eventBus.post(new SubjectAclUpdatedEvent(type.subjectFor(principal)));
}
Also used :
SubjectAclUpdatedEvent(org.obiba.mica.security.event.SubjectAclUpdatedEvent)
SubjectAcl(org.obiba.mica.security.domain.SubjectAcl)
Aggregations
SubjectAcl (org.obiba.mica.security.domain.SubjectAcl)2
MicaConfig (org.obiba.mica.micaConfig.domain.MicaConfig)1
SubjectAclUpdatedEvent (org.obiba.mica.security.event.SubjectAclUpdatedEvent)1
