All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.bremersee.security.access.AclMapperImpl Maven / Gradle / Ivy

/*
 * Copyright 2019 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.bremersee.security.access;

import static org.springframework.util.Assert.notNull;

import javax.validation.constraints.NotNull;
import lombok.Getter;
import lombok.Setter;
import org.bremersee.common.model.AccessControlList;
import org.bremersee.security.core.AuthorityConstants;
import org.springframework.lang.Nullable;

/**
 * The acl mapper implementation.
 *
 * @param  the acl type
 * @author Christian Bremer
 */
@SuppressWarnings({"unused", "WeakerAccess"})
public class AclMapperImpl> implements AclMapper {

  private final AclFactory aclFactory;

  private final String[] defaultPermissions;

  private final boolean switchAdminAccess;

  private final boolean returnNull;

  @Getter
  @Setter
  private String adminRole = AuthorityConstants.ADMIN_ROLE_NAME;

  /**
   * Instantiates a new acl mapper.
   *
   * @param aclFactory the acl factory
   */
  public AclMapperImpl(
      @NotNull AclFactory aclFactory) {
    this(aclFactory, null, false);
  }

  /**
   * Instantiates a new acl mapper.
   *
   * @param aclFactory         the acl factory
   * @param defaultPermissions the default permissions
   * @param switchAdminAccess  the switch admin access
   */
  public AclMapperImpl(
      @NotNull AclFactory aclFactory,
      @Nullable String[] defaultPermissions,
      boolean switchAdminAccess) {
    this(aclFactory, defaultPermissions, switchAdminAccess, false);
  }

  /**
   * Instantiates a new acl mapper.
   *
   * @param aclFactory         the acl factory
   * @param defaultPermissions the default permissions
   * @param switchAdminAccess  the switch admin access
   * @param returnNull         the return null
   */
  public AclMapperImpl(
      @NotNull AclFactory aclFactory,
      @Nullable String[] defaultPermissions,
      boolean switchAdminAccess,
      boolean returnNull) {
    notNull(aclFactory, "Acl factory must not be null.");
    this.aclFactory = aclFactory;
    this.defaultPermissions = defaultPermissions;
    this.switchAdminAccess = switchAdminAccess;
    this.returnNull = returnNull;
  }

  @Override
  public AccessControlList defaultAccessControlList(String owner) {
    return AclBuilder
        .builder()
        .owner(owner)
        .addUser(owner, defaultPermissions)
        .buildAccessControlList();
  }

  @Override
  public AccessControlList map(Acl acl) {
    if (acl == null && returnNull) {
      return null;
    }
    final AclBuilder aclBuilder = AclBuilder
        .builder()
        .from(acl)
        .defaults(defaultPermissions);
    if (switchAdminAccess) {
      return aclBuilder
          .removeAdminAccess(adminRole)
          .buildAccessControlList();
    }
    return aclBuilder
        .buildAccessControlList();
  }

  @Override
  public T map(AccessControlList accessControlList) {
    if (accessControlList == null && returnNull) {
      return null;
    }
    final AclBuilder aclBuilder = AclBuilder
        .builder()
        .from(accessControlList)
        .defaults(defaultPermissions);
    if (switchAdminAccess) {
      return aclBuilder
          .ensureAdminAccess(adminRole)
          .build(aclFactory);
    }
    return aclBuilder
        .build(aclFactory);
  }

  @Override
  public T defaultAcl(@Nullable String owner) {
    final AclBuilder aclBuilder = AclBuilder
        .builder()
        .owner(owner)
        .addUser(owner, defaultPermissions);
    if (switchAdminAccess) {
      return aclBuilder
          .ensureAdminAccess(adminRole)
          .build(aclFactory);
    }
    return aclBuilder
        .build(aclFactory);
  }

}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy