ArchiveIndexerAuthorizationFilter.java example

Explorer
alien4cloud-master
package org.alien4cloud.tosca.catalog.index;

import org.springframework.stereotype.Component;

import alien4cloud.security.AuthorizationUtil;
import alien4cloud.security.model.Role;
import alien4cloud.tosca.model.ArchiveRoot;

/**
 * This bean is responsible for managing authorization when an archive is indexed.
 */
@Component
public class ArchiveIndexerAuthorizationFilter implements IArchiveIndexerAuthorizationFilter {

    @Override
    public void preCheckAuthorization(String workspace) {
        AuthorizationUtil.checkHasOneRoleIn(Role.ARCHITECT, Role.COMPONENTS_MANAGER, Role.ADMIN);
    }

    @Override
    public void checkAuthorization(ArchiveRoot archiveRoot) {
        if (archiveRoot.hasToscaTopologyTemplate()) {
            AuthorizationUtil.checkHasOneRoleIn(Role.ARCHITECT, Role.ADMIN);
        }
        if (archiveRoot.hasToscaTypes()) {
            AuthorizationUtil.checkHasOneRoleIn(Role.COMPONENTS_MANAGER, Role.ADMIN);
        }
    }
}