コード例 #1
0
  @Path("/permissions/{username}/{typename}/{id}")
  @GET
  @RunAsAdmin
  public NameValueList hasPermission(
      @PathParam("username") String username,
      @PathParam("typename") String typename,
      @PathParam("id") long id) {

    List<FxRole> roles = new ArrayList<>(1);
    FxRole user = FxRole.loadByName(username, em);
    roles.add(user);

    NameValueList mList = new NameValueList();

    FleximsDynamicEntityImpl entity = null;
    if (id != 0) {
      entity = dao.loadEntity(typename, id);
    }

    for (Action action : ACLHelper.getAvailableActions()) {
      if (permissionChecker.hasPermission(action, roles, typename, entity)) {
        mList.addPair(action.getName(), "true");
      } else {
        mList.addPair(action.getName(), "false");
      }
    }
    return mList;
  }
コード例 #2
0
  @SuppressWarnings("unchecked")
  @Path("/instacl/{typename}/{id}")
  @POST
  public void saveInstACL(
      @PathParam("typename") String typename, @PathParam("id") long id, InstanceACES aces) {

    FleximsDynamicEntityImpl entity = dao.loadEntity(typename, id);
    if (entity == null) {
      return;
    }

    if (permissionChecker.hasPermission(
        ACLHelper.getActionByName(GrantAction.NAME),
        roleContext.getRoles(),
        entity.getClass().getSimpleName(),
        entity)) {
      throw new AuthorizedException(InstanceActionType.GRANT, entity);
    }

    securityEM.getTransaction().begin();
    Query query = securityEM.createNamedQuery(InstanceACE.ACLQNAME);
    query.setParameter("typeid", typename);
    query.setParameter("instanceid", id);

    List<InstanceACE> acesOld = (List<InstanceACE>) query.getResultList();
    for (InstanceACE ace : aces.getAces()) {
      if (ace.getId() == 0) {
        securityEM.persist(ace);
      } else {
        for (InstanceACE oldAce : acesOld) {
          if (oldAce.getId() == ace.getId()) {
            securityEM.merge(ace);
            acesOld.remove(oldAce);
            break;
          }
        }
      }
    }
    for (InstanceACE oldAce : acesOld) {
      securityEM.remove(oldAce);
    }
    securityEM.getTransaction().commit();
  }
コード例 #3
0
  @Path("/typepermissions/{username}/{action}")
  @GET
  @RunAsAdmin
  public NameValueList hasTypePermission(
      @PathParam("username") String username, @PathParam("action") String actionName) {
    List<FxRole> roles = new ArrayList<>(1);
    FxRole user = FxRole.loadByName(username, em);
    roles.add(user);

    NameValueList mList = new NameValueList();
    Action action = ACLHelper.getActionByName(actionName);
    for (ManagedType<?> t : JpaMetamodelHelper.getMetamodel().getManagedTypes()) {
      if (permissionChecker.hasPermission(action, roles, t.getJavaType().getSimpleName(), null)) {
        mList.addPair(t.getJavaType().getSimpleName(), "true");
      } else {
        mList.addPair(t.getJavaType().getSimpleName(), "false");
      }
    }
    return mList;
  }
コード例 #4
0
 @Path("/typeacl")
 @POST
 public void saveTypeACL(TypeACL typeACL) {
   if (permissionChecker.hasPermission(
       ACLHelper.getActionByName(GrantAction.NAME),
       roleContext.getRoles(),
       typeACL.getTypeid(),
       null)) {
     throw new AuthorizedException(InstanceActionType.GRANT, null);
   }
   for (RolePermission p : typeACL.getRolePermissions()) {
     p.setTypeACL(typeACL);
   }
   for (PropertyPermission p : typeACL.getPropPermissions()) {
     p.setTypeACL(typeACL);
   }
   securityEM.getTransaction().begin();
   securityEM.merge(typeACL);
   securityEM.getTransaction().commit();
   ACLHelper.typeacls.put(typeACL.getTypeid(), typeACL);
 }