コード例 #1
0
ファイル: SecurityLogic.java プロジェクト: MexinaD/CMDBuild
  public List<PrivilegeInfo> fetchClassPrivilegesForGroup(final Long groupId) {
    final List<PrivilegeInfo> fetchedClassPrivileges =
        fetchStoredPrivilegesForGroup( //
            groupId, //
            PrivilegedObjectType.CLASS //
            );

    final Iterable<CMClass> nonReservedActiveClasses = filterNonReservedAndNonBaseClasses();

    for (final CMClass clazz : nonReservedActiveClasses) {
      final Long classId = clazz.getId();
      if (!isPrivilegeAlreadyStored(classId, fetchedClassPrivileges)) {
        final PrivilegeInfo pi = new PrivilegeInfo(groupId, clazz, PrivilegeMode.NONE);

        final List<String> attributesPrivileges = new ArrayList<String>();
        for (final CMAttribute attribute : clazz.getAttributes()) {
          final String mode = attribute.getMode().name().toLowerCase();
          attributesPrivileges.add(String.format("%s:%s", attribute.getName(), mode));
        }

        pi.setAttributesPrivileges( //
            attributesPrivileges.toArray(new String[attributesPrivileges.size()]) //
            );

        fetchedClassPrivileges.add(pi);
      }
    }
    return fetchedClassPrivileges;
  }
コード例 #2
0
ファイル: SecurityLogic.java プロジェクト: MexinaD/CMDBuild
  public void saveFilterPrivilege(final PrivilegeInfo privilegeInfo) {
    final CMQueryResult result =
        view.select(anyAttribute(grantClass))
            .from(grantClass)
            .where(
                and(
                    condition(
                        attribute(grantClass, GROUP_ID_ATTRIBUTE), eq(privilegeInfo.getGroupId())),
                    condition(
                        attribute(grantClass, TYPE_ATTRIBUTE),
                        eq(PrivilegedObjectType.FILTER.getValue())))) //
            .run();

    for (final CMQueryRow row : result) {
      final CMCard grantCard = row.getCard(grantClass);
      final Long storedViewId =
          ((Integer) grantCard.get(PRIVILEGED_OBJECT_ID_ATTRIBUTE)).longValue();
      if (storedViewId.equals(privilegeInfo.getPrivilegedObjectId())) {
        updateGrantCard(grantCard, privilegeInfo);
        return;
      }
    }

    createFilterGrantCard(privilegeInfo);
  }
コード例 #3
0
 public static String parse(Class targetClass, String methodName)
     throws NoSuchMethodException, SecurityException {
   String methodAccess = "";
   Method method = targetClass.getMethod(methodName);
   if (method.isAnnotationPresent(PrivilegeInfo.class)) {
     PrivilegeInfo privilegeInfo = method.getAnnotation(PrivilegeInfo.class);
     methodAccess = privilegeInfo.name();
   }
   return methodAccess;
 }
コード例 #4
0
ファイル: SecurityLogic.java プロジェクト: MexinaD/CMDBuild
 private void createFilterGrantCard(final PrivilegeInfo privilegeInfo) {
   final CMCardDefinition grantCardToBeCreated = view.createCardFor(grantClass);
   grantCardToBeCreated
       .set(GROUP_ID_ATTRIBUTE, privilegeInfo.getGroupId()) //
       .set(PRIVILEGED_OBJECT_ID_ATTRIBUTE, privilegeInfo.getPrivilegedObjectId()) //
       .set(MODE_ATTRIBUTE, privilegeInfo.getMode().getValue()) //
       .set(TYPE_ATTRIBUTE, PrivilegedObjectType.FILTER.getValue()) //
       .set(STATUS_ATTRIBUTE, CardStatus.ACTIVE.value()) //
       .save();
 }
コード例 #5
0
ファイル: SecurityLogic.java プロジェクト: MexinaD/CMDBuild
 private boolean isPrivilegeAlreadyStored(
     final Long privilegedObjectId, final List<PrivilegeInfo> fetchedPrivileges) {
   for (final PrivilegeInfo privilegeInfo : fetchedPrivileges) {
     if (privilegeInfo.getPrivilegedObjectId() != null
         && privilegeInfo.getPrivilegedObjectId().equals(privilegedObjectId)) {
       return true;
     }
   }
   return false;
 }
コード例 #6
0
ファイル: SecurityLogic.java プロジェクト: MexinaD/CMDBuild
  private void updateGrantCard(final CMCard grantCard, final PrivilegeInfo privilegeInfo) {
    final CMCardDefinition mutableGrantCard = view.update(grantCard);
    if (privilegeInfo.getMode() != null) {
      // check if null to allow the update of other attributes
      // without specify the mode
      mutableGrantCard.set(MODE_ATTRIBUTE, privilegeInfo.getMode().getValue()); //
    }

    mutableGrantCard //
        .set(PRIVILEGE_FILTER_ATTRIBUTE, privilegeInfo.getPrivilegeFilter()) //
        .set(ATTRIBUTES_PRIVILEGES_ATTRIBUTE, privilegeInfo.getAttributesPrivileges()) //
        .save();
  }
コード例 #7
0
ファイル: SecurityLogic.java プロジェクト: MexinaD/CMDBuild
  private void createClassGrantCard(final PrivilegeInfo privilegeInfo) {
    final CMCardDefinition grantCardToBeCreated = view.createCardFor(grantClass);

    // manage the null value for the privilege mode
    // could happens updating row and column privileges
    PrivilegeMode privilegeMode = privilegeInfo.getMode();
    if (privilegeMode == null) {
      privilegeMode = PrivilegeMode.NONE;
    }

    grantCardToBeCreated //
        .set(GROUP_ID_ATTRIBUTE, privilegeInfo.getGroupId()) //
        .set(PRIVILEGED_CLASS_ID_ATTRIBUTE, privilegeInfo.getPrivilegedObjectId()) //
        .set(MODE_ATTRIBUTE, privilegeMode.getValue()) //
        .set(TYPE_ATTRIBUTE, PrivilegedObjectType.CLASS.getValue()) //
        .set(PRIVILEGE_FILTER_ATTRIBUTE, privilegeInfo.getPrivilegeFilter()) //
        .set(ATTRIBUTES_PRIVILEGES_ATTRIBUTE, privilegeInfo.getAttributesPrivileges()) //
        .set(STATUS_ATTRIBUTE, CardStatus.ACTIVE.value()) //
        .save();
  }
コード例 #8
0
ファイル: SecurityLogic.java プロジェクト: MexinaD/CMDBuild
 private List<PrivilegeInfo> fromPrivilegePairToPrivilegeInfo(
     final Iterable<PrivilegePair> privilegePairs, final Long groupId) {
   final List<PrivilegeInfo> list = Lists.newArrayList();
   for (final PrivilegePair privilegePair : privilegePairs) {
     final SerializablePrivilege privilegedObject = privilegePair.privilegedObject;
     final CMPrivilege privilege = privilegePair.privilege;
     PrivilegeInfo privilegeInfo;
     if (privilege.implies(DefaultPrivileges.WRITE)) {
       privilegeInfo = new PrivilegeInfo(groupId, privilegedObject, PrivilegeMode.WRITE);
     } else if (privilege.implies(DefaultPrivileges.READ)) {
       privilegeInfo = new PrivilegeInfo(groupId, privilegedObject, PrivilegeMode.READ);
     } else {
       privilegeInfo = new PrivilegeInfo(groupId, privilegedObject, PrivilegeMode.NONE);
     }
     privilegeInfo.setPrivilegeFilter(privilegePair.privilegeFilter);
     privilegeInfo.setAttributesPrivileges(privilegePair.attributesPrivileges);
     list.add(privilegeInfo);
   }
   return list;
 }
コード例 #9
0
ファイル: SecurityLogic.java プロジェクト: MexinaD/CMDBuild
  /*
   * FIXME
   *
   * this methods is called for two different purposes
   *
   * 1) change the mode
   *
   * 2) change the row and column privilege configuration remove the mode
   *
   * Only flag and implement two different methods or uniform the values set
   * in the privilegeInfo object to have always all the attributes and update
   * them all
   */
  public void saveClassPrivilege(final PrivilegeInfo privilegeInfo, final boolean modeOnly) {
    /*
     * Extract the grants defined for the given group id
     */
    final CMQueryResult grantRows =
        view.select(anyAttribute(grantClass))
            .from(grantClass)
            .where( //
                and( //
                    condition(
                        attribute(grantClass, GROUP_ID_ATTRIBUTE),
                        eq(privilegeInfo.getGroupId())), //
                    condition(
                        attribute(grantClass, TYPE_ATTRIBUTE),
                        eq(PrivilegedObjectType.CLASS.getValue())) //
                    ) //
                ) //
            .run();

    /*
     * FIXME why does not add a condition to to the query, and extract only
     * the row for the given entryTypeId ???
     */
    for (final CMQueryRow row : grantRows) {
      final CMCard grantCard = row.getCard(grantClass);
      final Long entryTypeId = grantCard.get(PRIVILEGED_CLASS_ID_ATTRIBUTE, Long.class);
      if (entryTypeId.equals(privilegeInfo.getPrivilegedObjectId())) {

        if (modeOnly) {
          // replace the privilegeInfo with the
          // data already stored to not override them
          final Object filter = grantCard.get(PRIVILEGE_FILTER_ATTRIBUTE);
          if (filter != null) {
            privilegeInfo.setPrivilegeFilter((String) filter);
          }

          final Object attributes = grantCard.get(ATTRIBUTES_PRIVILEGES_ATTRIBUTE);
          if (attributes != null) {
            privilegeInfo.setAttributesPrivileges((String[]) attributes);
          }
        } else {
          /*
           * Iterate over the attributes privileges and keep only the
           * ones that override the mode of the attribute
           */
          final CMEntryType entryType = view.findClass(entryTypeId);
          final Map<String, String> attributeModes = attributesMode(entryType);
          final List<String> attributesPrivilegesToSave = new ArrayList<String>();
          for (final String attributePrivilege : privilegeInfo.getAttributesPrivileges()) {
            final String[] parts = attributePrivilege.split(":");
            final String attributeName = parts[0];
            final String privilege = parts[1];
            if (attributeModes.containsKey(attributeName)) {
              if (!attributeModes.get(attributeName).equals(privilege)) {
                attributesPrivilegesToSave.add(attributePrivilege);
              }
            }
          }

          privilegeInfo.setAttributesPrivileges( //
              attributesPrivilegesToSave.toArray( //
                  new String[attributesPrivilegesToSave.size()] //
                  ));
        }

        updateGrantCard(grantCard, privilegeInfo);
        return;
      }
    }

    createClassGrantCard(privilegeInfo);
  }