public List<PrivilegeInfo> fetchClassPrivilegesForGroup(final Long groupId) {
final List<PrivilegeInfo> fetchedClassPrivileges =
fetchStoredPrivilegesForGroup( //
groupId, //
PrivilegedObjectType.CLASS //
);
final Iterable<CMClass> nonReservedActiveClasses = filterNonReservedAndNonBaseClasses();
for (final CMClass clazz : nonReservedActiveClasses) {
final Long classId = clazz.getId();
if (!isPrivilegeAlreadyStored(classId, fetchedClassPrivileges)) {
final PrivilegeInfo pi = new PrivilegeInfo(groupId, clazz, PrivilegeMode.NONE);
final List<String> attributesPrivileges = new ArrayList<String>();
for (final CMAttribute attribute : clazz.getAttributes()) {
final String mode = attribute.getMode().name().toLowerCase();
attributesPrivileges.add(String.format("%s:%s", attribute.getName(), mode));
}
pi.setAttributesPrivileges( //
attributesPrivileges.toArray(new String[attributesPrivileges.size()]) //
);
fetchedClassPrivileges.add(pi);
}
}
return fetchedClassPrivileges;
}
public void saveFilterPrivilege(final PrivilegeInfo privilegeInfo) {
final CMQueryResult result =
view.select(anyAttribute(grantClass))
.from(grantClass)
.where(
and(
condition(
attribute(grantClass, GROUP_ID_ATTRIBUTE), eq(privilegeInfo.getGroupId())),
condition(
attribute(grantClass, TYPE_ATTRIBUTE),
eq(PrivilegedObjectType.FILTER.getValue())))) //
.run();
for (final CMQueryRow row : result) {
final CMCard grantCard = row.getCard(grantClass);
final Long storedViewId =
((Integer) grantCard.get(PRIVILEGED_OBJECT_ID_ATTRIBUTE)).longValue();
if (storedViewId.equals(privilegeInfo.getPrivilegedObjectId())) {
updateGrantCard(grantCard, privilegeInfo);
return;
}
}
createFilterGrantCard(privilegeInfo);
}
public static String parse(Class targetClass, String methodName)
throws NoSuchMethodException, SecurityException {
String methodAccess = "";
Method method = targetClass.getMethod(methodName);
if (method.isAnnotationPresent(PrivilegeInfo.class)) {
PrivilegeInfo privilegeInfo = method.getAnnotation(PrivilegeInfo.class);
methodAccess = privilegeInfo.name();
}
return methodAccess;
}
private void createFilterGrantCard(final PrivilegeInfo privilegeInfo) {
final CMCardDefinition grantCardToBeCreated = view.createCardFor(grantClass);
grantCardToBeCreated
.set(GROUP_ID_ATTRIBUTE, privilegeInfo.getGroupId()) //
.set(PRIVILEGED_OBJECT_ID_ATTRIBUTE, privilegeInfo.getPrivilegedObjectId()) //
.set(MODE_ATTRIBUTE, privilegeInfo.getMode().getValue()) //
.set(TYPE_ATTRIBUTE, PrivilegedObjectType.FILTER.getValue()) //
.set(STATUS_ATTRIBUTE, CardStatus.ACTIVE.value()) //
.save();
}
private boolean isPrivilegeAlreadyStored(
final Long privilegedObjectId, final List<PrivilegeInfo> fetchedPrivileges) {
for (final PrivilegeInfo privilegeInfo : fetchedPrivileges) {
if (privilegeInfo.getPrivilegedObjectId() != null
&& privilegeInfo.getPrivilegedObjectId().equals(privilegedObjectId)) {
return true;
}
}
return false;
}
private void updateGrantCard(final CMCard grantCard, final PrivilegeInfo privilegeInfo) {
final CMCardDefinition mutableGrantCard = view.update(grantCard);
if (privilegeInfo.getMode() != null) {
// check if null to allow the update of other attributes
// without specify the mode
mutableGrantCard.set(MODE_ATTRIBUTE, privilegeInfo.getMode().getValue()); //
}
mutableGrantCard //
.set(PRIVILEGE_FILTER_ATTRIBUTE, privilegeInfo.getPrivilegeFilter()) //
.set(ATTRIBUTES_PRIVILEGES_ATTRIBUTE, privilegeInfo.getAttributesPrivileges()) //
.save();
}
private void createClassGrantCard(final PrivilegeInfo privilegeInfo) {
final CMCardDefinition grantCardToBeCreated = view.createCardFor(grantClass);
// manage the null value for the privilege mode
// could happens updating row and column privileges
PrivilegeMode privilegeMode = privilegeInfo.getMode();
if (privilegeMode == null) {
privilegeMode = PrivilegeMode.NONE;
}
grantCardToBeCreated //
.set(GROUP_ID_ATTRIBUTE, privilegeInfo.getGroupId()) //
.set(PRIVILEGED_CLASS_ID_ATTRIBUTE, privilegeInfo.getPrivilegedObjectId()) //
.set(MODE_ATTRIBUTE, privilegeMode.getValue()) //
.set(TYPE_ATTRIBUTE, PrivilegedObjectType.CLASS.getValue()) //
.set(PRIVILEGE_FILTER_ATTRIBUTE, privilegeInfo.getPrivilegeFilter()) //
.set(ATTRIBUTES_PRIVILEGES_ATTRIBUTE, privilegeInfo.getAttributesPrivileges()) //
.set(STATUS_ATTRIBUTE, CardStatus.ACTIVE.value()) //
.save();
}
private List<PrivilegeInfo> fromPrivilegePairToPrivilegeInfo(
final Iterable<PrivilegePair> privilegePairs, final Long groupId) {
final List<PrivilegeInfo> list = Lists.newArrayList();
for (final PrivilegePair privilegePair : privilegePairs) {
final SerializablePrivilege privilegedObject = privilegePair.privilegedObject;
final CMPrivilege privilege = privilegePair.privilege;
PrivilegeInfo privilegeInfo;
if (privilege.implies(DefaultPrivileges.WRITE)) {
privilegeInfo = new PrivilegeInfo(groupId, privilegedObject, PrivilegeMode.WRITE);
} else if (privilege.implies(DefaultPrivileges.READ)) {
privilegeInfo = new PrivilegeInfo(groupId, privilegedObject, PrivilegeMode.READ);
} else {
privilegeInfo = new PrivilegeInfo(groupId, privilegedObject, PrivilegeMode.NONE);
}
privilegeInfo.setPrivilegeFilter(privilegePair.privilegeFilter);
privilegeInfo.setAttributesPrivileges(privilegePair.attributesPrivileges);
list.add(privilegeInfo);
}
return list;
}
/*
* FIXME
*
* this methods is called for two different purposes
*
* 1) change the mode
*
* 2) change the row and column privilege configuration remove the mode
*
* Only flag and implement two different methods or uniform the values set
* in the privilegeInfo object to have always all the attributes and update
* them all
*/
public void saveClassPrivilege(final PrivilegeInfo privilegeInfo, final boolean modeOnly) {
/*
* Extract the grants defined for the given group id
*/
final CMQueryResult grantRows =
view.select(anyAttribute(grantClass))
.from(grantClass)
.where( //
and( //
condition(
attribute(grantClass, GROUP_ID_ATTRIBUTE),
eq(privilegeInfo.getGroupId())), //
condition(
attribute(grantClass, TYPE_ATTRIBUTE),
eq(PrivilegedObjectType.CLASS.getValue())) //
) //
) //
.run();
/*
* FIXME why does not add a condition to to the query, and extract only
* the row for the given entryTypeId ???
*/
for (final CMQueryRow row : grantRows) {
final CMCard grantCard = row.getCard(grantClass);
final Long entryTypeId = grantCard.get(PRIVILEGED_CLASS_ID_ATTRIBUTE, Long.class);
if (entryTypeId.equals(privilegeInfo.getPrivilegedObjectId())) {
if (modeOnly) {
// replace the privilegeInfo with the
// data already stored to not override them
final Object filter = grantCard.get(PRIVILEGE_FILTER_ATTRIBUTE);
if (filter != null) {
privilegeInfo.setPrivilegeFilter((String) filter);
}
final Object attributes = grantCard.get(ATTRIBUTES_PRIVILEGES_ATTRIBUTE);
if (attributes != null) {
privilegeInfo.setAttributesPrivileges((String[]) attributes);
}
} else {
/*
* Iterate over the attributes privileges and keep only the
* ones that override the mode of the attribute
*/
final CMEntryType entryType = view.findClass(entryTypeId);
final Map<String, String> attributeModes = attributesMode(entryType);
final List<String> attributesPrivilegesToSave = new ArrayList<String>();
for (final String attributePrivilege : privilegeInfo.getAttributesPrivileges()) {
final String[] parts = attributePrivilege.split(":");
final String attributeName = parts[0];
final String privilege = parts[1];
if (attributeModes.containsKey(attributeName)) {
if (!attributeModes.get(attributeName).equals(privilege)) {
attributesPrivilegesToSave.add(attributePrivilege);
}
}
}
privilegeInfo.setAttributesPrivileges( //
attributesPrivilegesToSave.toArray( //
new String[attributesPrivilegesToSave.size()] //
));
}
updateGrantCard(grantCard, privilegeInfo);
return;
}
}
createClassGrantCard(privilegeInfo);
}