All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.bremersee.security.access.AclMapperImpl Maven / Gradle / Ivy

/*
 * Copyright 2019 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.bremersee.security.access;

import static org.springframework.util.Assert.notNull;

import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.validation.constraints.NotNull;
import org.bremersee.common.model.AccessControlList;
import org.bremersee.security.core.AuthorityConstants;
import org.springframework.lang.Nullable;
import org.springframework.util.StringUtils;

/**
 * The acl mapper implementation.
 *
 * @param  the acl type
 * @author Christian Bremer
 */
public class AclMapperImpl> implements AclMapper {

  private final AclFactory aclFactory;

  private final String[] defaultPermissions;

  private final boolean switchAdminAccess;

  private final boolean returnNull;

  private Set adminRoles;

  /**
   * Instantiates a new acl mapper.
   *
   * @param aclFactory the acl factory
   */
  public AclMapperImpl(
      @NotNull AclFactory aclFactory) {
    this(aclFactory, null, false);
  }

  /**
   * Instantiates a new acl mapper.
   *
   * @param aclFactory the acl factory
   * @param defaultPermissions the default permissions
   * @param switchAdminAccess the switch admin access
   */
  public AclMapperImpl(
      @NotNull AclFactory aclFactory,
      @Nullable String[] defaultPermissions,
      boolean switchAdminAccess) {
    this(aclFactory, defaultPermissions, switchAdminAccess, false);
  }

  /**
   * Instantiates a new acl mapper.
   *
   * @param aclFactory the acl factory
   * @param defaultPermissions the default permissions
   * @param switchAdminAccess the switch admin access
   * @param returnNull the return null
   */
  public AclMapperImpl(
      @NotNull AclFactory aclFactory,
      @Nullable String[] defaultPermissions,
      boolean switchAdminAccess,
      boolean returnNull) {
    notNull(aclFactory, "Acl factory must not be null.");
    this.aclFactory = aclFactory;
    this.defaultPermissions = defaultPermissions;
    this.switchAdminAccess = switchAdminAccess;
    this.returnNull = returnNull;
    getAdminRoles().add(AuthorityConstants.ADMIN_ROLE_NAME);
  }

  /**
   * Gets admin role.
   *
   * @return the admin role
   * @deprecated Use {@link #getAdminRoles()} instead.
   */
  @Deprecated
  public String getAdminRole() {
    return adminRoles != null && !adminRoles.isEmpty() ? adminRoles.iterator().next() : null;
  }

  /**
   * Sets admin role.
   *
   * @param adminRole the admin role
   * @deprecated Use {@link #setAdminRoles(Set)} instead.
   */
  @Deprecated
  public void setAdminRole(String adminRole) {
    if (StringUtils.hasText(adminRole)) {
      this.setAdminRoles(Collections.singleton(adminRole));
    } else {
      this.setAdminRoles(Collections.emptySet());
    }
  }

  /**
   * Gets admin roles.
   *
   * @return the admin roles
   */
  public Set getAdminRoles() {
    if (adminRoles == null) {
      adminRoles = new LinkedHashSet<>();
    }
    return adminRoles;
  }

  /**
   * Sets admin roles.
   *
   * @param adminRoles the admin roles
   */
  public void setAdminRoles(Set adminRoles) {
    this.adminRoles = new LinkedHashSet<>(adminRoles != null ? adminRoles : Collections.emptySet());
  }

  @Override
  public AclFactory getAclFactory() {
    return aclFactory;
  }

  @Override
  public AccessControlList defaultAccessControlList(String owner) {
    return AclBuilder
        .builder()
        .owner(owner)
        .addUser(owner, defaultPermissions)
        .buildAccessControlList();
  }

  @Override
  public AccessControlList map(T acl) {
    if (acl == null && returnNull) {
      return null;
    }
    final AclBuilder aclBuilder = AclBuilder
        .builder()
        .from(acl)
        .defaults(defaultPermissions);
    if (switchAdminAccess) {
      return aclBuilder
          .removeAdminAccess(adminRoles)
          .buildAccessControlList();
    }
    return aclBuilder
        .buildAccessControlList();
  }

  @Override
  public T map(AccessControlList accessControlList) {
    if (accessControlList == null && returnNull) {
      return null;
    }
    final AclBuilder aclBuilder = AclBuilder
        .builder()
        .from(accessControlList)
        .defaults(defaultPermissions);
    if (switchAdminAccess) {
      return aclBuilder
          .ensureAdminAccess(adminRoles)
          .build(aclFactory);
    }
    return aclBuilder
        .build(aclFactory);
  }

  @Override
  public T defaultAcl(String owner) {
    final AclBuilder aclBuilder = AclBuilder
        .builder()
        .owner(owner)
        .addUser(owner, defaultPermissions);
    if (switchAdminAccess) {
      return aclBuilder
          .ensureAdminAccess(adminRoles)
          .build(aclFactory);
    }
    return aclBuilder
        .build(aclFactory);
  }

}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy