All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.bonitasoft.engine.authorization.PermissionsBuilder Maven / Gradle / Ivy

The newest version!
/**
 * Copyright (C) 2021 Bonitasoft S.A.
 * Bonitasoft, 32 rue Gustave Eiffel - 38000 Grenoble
 * This library is free software; you can redistribute it and/or modify it under the terms
 * of the GNU Lesser General Public License as published by the Free Software Foundation
 * version 2.1 of the License.
 * This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
 * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 * See the GNU Lesser General Public License for more details.
 * You should have received a copy of the GNU Lesser General Public License along with this
 * program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
 * Floor, Boston, MA 02110-1301, USA.
 **/
package org.bonitasoft.engine.authorization;

import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

import org.bonitasoft.engine.authorization.properties.CompoundPermissionsMapping;
import org.bonitasoft.engine.authorization.properties.CustomPermissionsMapping;
import org.bonitasoft.engine.business.application.ApplicationService;
import org.bonitasoft.engine.persistence.SBonitaReadException;
import org.springframework.stereotype.Component;

@Component
public class PermissionsBuilder {

    public static final String PROFILE_TYPE_AUTHORIZATION_PREFIX = "profile";

    public static final String USER_TYPE_AUTHORIZATION_PREFIX = "user";

    private final CustomPermissionsMapping customPermissionsMapping;
    private final CompoundPermissionsMapping compoundPermissionsMapping;
    private final ApplicationService applicationService;

    PermissionsBuilder(final ApplicationService applicationService,
            final CustomPermissionsMapping customPermissionsMapping,
            final CompoundPermissionsMapping compoundPermissionsMapping) {
        this.applicationService = applicationService;
        this.customPermissionsMapping = customPermissionsMapping;
        this.compoundPermissionsMapping = compoundPermissionsMapping;
    }

    public Set getPermissions(boolean isTechnicalUser, List profiles, String userName)
            throws SBonitaReadException {
        Set permissions;
        if (isTechnicalUser) {
            permissions = Collections.emptySet();
        } else {
            permissions = new HashSet<>();
            permissions.addAll(getProfilesPermissions(profiles));
            permissions.addAll(getCustomUserPermissions(userName));
            permissions.add(getUserPermission(userName));
        }
        return permissions;
    }

    protected Set getProfilesPermissions(List profiles) throws SBonitaReadException {
        Set permissions = new HashSet<>();
        for (final String pageToken : getAllPagesForUser(profiles)) {
            permissions.addAll(getCompoundPermissions(pageToken));
        }
        for (String profile : profiles) {
            permissions.addAll(getCustomProfilePermissions(profile));
            permissions.add(getProfilePermission(profile));
        }
        return permissions;
    }

    private Set getAllPagesForUser(List profiles) throws SBonitaReadException {
        final Set pageTokens = new HashSet<>();
        for (final String profile : profiles) {
            pageTokens.addAll(getPageTokensForApplicationsMappedToProfile(profile));
        }
        return pageTokens;
    }

    private String getProfilePermission(final String profile) {
        return PROFILE_TYPE_AUTHORIZATION_PREFIX + "|" + profile;
    }

    private String getUserPermission(final String username) {
        return USER_TYPE_AUTHORIZATION_PREFIX + "|" + username;
    }

    private List getPageTokensForApplicationsMappedToProfile(final String profile) throws SBonitaReadException {
        return applicationService.getAllPagesForProfile(profile);
    }

    private Set getCustomProfilePermissions(final String profile) {
        return getCustomPermissions(PROFILE_TYPE_AUTHORIZATION_PREFIX, profile);
    }

    protected Set getCustomUserPermissions(String userName) {
        return getCustomPermissions(USER_TYPE_AUTHORIZATION_PREFIX, userName);
    }

    protected Set getCustomPermissions(final String type, final String identifier) {
        final Set profileSinglePermissions = new HashSet<>();
        final Set customPermissionsForEntity = getCustomPermissionsRaw(type, identifier);
        for (final String customPermissionForEntity : customPermissionsForEntity) {
            final Set simplePermissions = getCompoundPermissions(customPermissionForEntity);
            if (!simplePermissions.isEmpty()) {
                profileSinglePermissions.addAll(simplePermissions);
            } else {
                profileSinglePermissions.add(customPermissionForEntity);
            }
        }
        return profileSinglePermissions;
    }

    private Set getCustomPermissionsRaw(final String type, final String identifier) {
        return customPermissionsMapping.getPropertyAsSet(type + "|" + identifier);
    }

    private Set getCompoundPermissions(final String compoundName) {
        return compoundPermissionsMapping.getPropertyAsSet(compoundName);
    }

}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy