public List<PrivilegeInfo> fetchClassPrivilegesForGroup(final Long groupId) {
final List<PrivilegeInfo> fetchedClassPrivileges =
fetchStoredPrivilegesForGroup( //
groupId, //
PrivilegedObjectType.CLASS //
);
final Iterable<CMClass> nonReservedActiveClasses = filterNonReservedAndNonBaseClasses();
for (final CMClass clazz : nonReservedActiveClasses) {
final Long classId = clazz.getId();
if (!isPrivilegeAlreadyStored(classId, fetchedClassPrivileges)) {
final PrivilegeInfo pi = new PrivilegeInfo(groupId, clazz, PrivilegeMode.NONE);
final List<String> attributesPrivileges = new ArrayList<String>();
for (final CMAttribute attribute : clazz.getAttributes()) {
final String mode = attribute.getMode().name().toLowerCase();
attributesPrivileges.add(String.format("%s:%s", attribute.getName(), mode));
}
pi.setAttributesPrivileges( //
attributesPrivileges.toArray(new String[attributesPrivileges.size()]) //
);
fetchedClassPrivileges.add(pi);
}
}
return fetchedClassPrivileges;
}
private List<PrivilegeInfo> fromPrivilegePairToPrivilegeInfo(
final Iterable<PrivilegePair> privilegePairs, final Long groupId) {
final List<PrivilegeInfo> list = Lists.newArrayList();
for (final PrivilegePair privilegePair : privilegePairs) {
final SerializablePrivilege privilegedObject = privilegePair.privilegedObject;
final CMPrivilege privilege = privilegePair.privilege;
PrivilegeInfo privilegeInfo;
if (privilege.implies(DefaultPrivileges.WRITE)) {
privilegeInfo = new PrivilegeInfo(groupId, privilegedObject, PrivilegeMode.WRITE);
} else if (privilege.implies(DefaultPrivileges.READ)) {
privilegeInfo = new PrivilegeInfo(groupId, privilegedObject, PrivilegeMode.READ);
} else {
privilegeInfo = new PrivilegeInfo(groupId, privilegedObject, PrivilegeMode.NONE);
}
privilegeInfo.setPrivilegeFilter(privilegePair.privilegeFilter);
privilegeInfo.setAttributesPrivileges(privilegePair.attributesPrivileges);
list.add(privilegeInfo);
}
return list;
}
/*
* FIXME
*
* this methods is called for two different purposes
*
* 1) change the mode
*
* 2) change the row and column privilege configuration remove the mode
*
* Only flag and implement two different methods or uniform the values set
* in the privilegeInfo object to have always all the attributes and update
* them all
*/
public void saveClassPrivilege(final PrivilegeInfo privilegeInfo, final boolean modeOnly) {
/*
* Extract the grants defined for the given group id
*/
final CMQueryResult grantRows =
view.select(anyAttribute(grantClass))
.from(grantClass)
.where( //
and( //
condition(
attribute(grantClass, GROUP_ID_ATTRIBUTE),
eq(privilegeInfo.getGroupId())), //
condition(
attribute(grantClass, TYPE_ATTRIBUTE),
eq(PrivilegedObjectType.CLASS.getValue())) //
) //
) //
.run();
/*
* FIXME why does not add a condition to to the query, and extract only
* the row for the given entryTypeId ???
*/
for (final CMQueryRow row : grantRows) {
final CMCard grantCard = row.getCard(grantClass);
final Long entryTypeId = grantCard.get(PRIVILEGED_CLASS_ID_ATTRIBUTE, Long.class);
if (entryTypeId.equals(privilegeInfo.getPrivilegedObjectId())) {
if (modeOnly) {
// replace the privilegeInfo with the
// data already stored to not override them
final Object filter = grantCard.get(PRIVILEGE_FILTER_ATTRIBUTE);
if (filter != null) {
privilegeInfo.setPrivilegeFilter((String) filter);
}
final Object attributes = grantCard.get(ATTRIBUTES_PRIVILEGES_ATTRIBUTE);
if (attributes != null) {
privilegeInfo.setAttributesPrivileges((String[]) attributes);
}
} else {
/*
* Iterate over the attributes privileges and keep only the
* ones that override the mode of the attribute
*/
final CMEntryType entryType = view.findClass(entryTypeId);
final Map<String, String> attributeModes = attributesMode(entryType);
final List<String> attributesPrivilegesToSave = new ArrayList<String>();
for (final String attributePrivilege : privilegeInfo.getAttributesPrivileges()) {
final String[] parts = attributePrivilege.split(":");
final String attributeName = parts[0];
final String privilege = parts[1];
if (attributeModes.containsKey(attributeName)) {
if (!attributeModes.get(attributeName).equals(privilege)) {
attributesPrivilegesToSave.add(attributePrivilege);
}
}
}
privilegeInfo.setAttributesPrivileges( //
attributesPrivilegesToSave.toArray( //
new String[attributesPrivilegesToSave.size()] //
));
}
updateGrantCard(grantCard, privilegeInfo);
return;
}
}
createClassGrantCard(privilegeInfo);
}