PermissionApiServiceImpl.java

/*
 * Copyright 2025 Global Crop Diversity Trust
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.genesys.server.api.v2.facade.impl;

import lombok.extern.slf4j.Slf4j;
import org.genesys.blocks.security.model.AclObjectIdentity;
import org.genesys.blocks.security.model.AclSid;
import org.genesys.blocks.security.service.CustomAclService;
import org.genesys.server.api.v2.facade.PermissionApiService;
import org.genesys.server.api.v2.mapper.MapstructMapper;
import org.genesys.server.api.v2.model.impl.AclObjectIdentityExtDTO;
import org.genesys.server.api.v2.model.impl.SidPermissionsDTO;
import org.genesys.server.exception.NotFoundElement;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

import javax.persistence.EntityManager;

@Service
@Transactional(readOnly = true)
@Slf4j
public class PermissionApiServiceImpl implements PermissionApiService {

	@Autowired
	private MapstructMapper mapper;

	/** The acl service. */
	@Autowired
	protected CustomAclService aclService;

	@Autowired
	protected EntityManager entityManager;

	@Override
	@Transactional
	public AclObjectIdentityExtDTO addPermission(String className, long id, SidPermissionsDTO sidPermissionsDTO) {
		var sidPermissions = mapper.map(sidPermissionsDTO);
		final AclObjectIdentity objectIdentity = aclService.ensureObjectIdentity(id, className);
		log.info("Setting permissions {}", sidPermissions);
		AclSid sid;
		if (sidPermissions.sid.getId() != null) {
			sid = aclService.getSid(sidPermissions.sid.getId());
		} else {
			sid = aclService.getSid(sidPermissions.getSid().getSid());
		}
		return mapper.map(lazyLoadForJson(aclService.setPermissions(objectIdentity, sid, sidPermissions)));
	}

	@Override
	@Transactional
	public AclObjectIdentityExtDTO deletePermissionsForSid(String className, long id, String sid) {
		final AclObjectIdentity objectIdentity = aclService.ensureObjectIdentity(id, className);
		log.info("Removing permissions for {}", sid);

		final AclSid aclSid = aclService.getSid(aclService.getSidId(sid));

		return mapper.map(lazyLoadForJson(aclService.removePermissions(objectIdentity, aclSid)));
	}

	@Override
	@Transactional
	public AclObjectIdentityExtDTO updateInheriting(boolean inheriting, long id) {
		final AclObjectIdentity objectIdentity = aclService.updateInheriting(id, inheriting);
		if (objectIdentity == null) {
			throw new NotFoundElement("No such ACL object");
		}
		return mapper.map(lazyLoadForJson(objectIdentity));
	}

	@Override
	@Transactional
	public AclObjectIdentityExtDTO updateParentObject(long id, long parentId) {
		final AclObjectIdentity objectIdentity = aclService.updateParentObject(id, parentId);
		if (objectIdentity == null) {
			throw new NotFoundElement("No such ACL object");
		}
		return mapper.map(lazyLoadForJson(objectIdentity));
	}

	@Override
	public AclObjectIdentityExtDTO permissions(String className, long id) {
		final AclObjectIdentity objectIdentity = aclService.getObjectIdentity(id, className);
		if (objectIdentity == null) {
			throw new NotFoundElement("No such ACL object");
		}
		return mapper.map(lazyLoadForJson(objectIdentity));
	}

	@Override
	public AclObjectIdentityExtDTO permissions(long id) {
		final AclObjectIdentity objectIdentity = aclService.getObjectIdentity(id);
		if (objectIdentity == null) {
			throw new NotFoundElement("No such ACL object");
		}
		return mapper.map(lazyLoadForJson(objectIdentity));
	}

	/**
	 * Lazy load for json.
	 *
	 * @param objectIdentity the object identity
	 * @return the acl object identity
	 */
	protected CustomAclService.AclObjectIdentityExt lazyLoadForJson(final AclObjectIdentity objectIdentity) {
		CustomAclService.AclObjectIdentityExt ext = aclService.loadObjectIdentityExt(objectIdentity);
		if (ext == null) {
			throw new NotFoundElement("No such ACL object");
		}
		entityManager.flush();
		entityManager.detach(ext.original);
		ext.original.setAclEntries(aclService.getAclEntries(objectIdentity));
		return ext;
	}
}
Created with JaCoCo 0.8.12.202403310830