CsarAuthorizationFilter.java example

Explorer
alien4cloud-master
package org.alien4cloud.tosca.catalog.index;

import javax.inject.Inject;

import org.alien4cloud.tosca.model.Csar;
import org.springframework.stereotype.Component;

import alien4cloud.security.AuthorizationUtil;
import alien4cloud.security.model.Role;

@Component
public class CsarAuthorizationFilter implements ICsarAuthorizationFilter {
    @Inject
    private ITopologyCatalogService topologyCatalogService;
    @Inject
    private IToscaTypeSearchService toscaTypeSearchService;

    @Override
    public void checkWriteAccess(Csar csar) {
        // if this csar has node types, check the COMPONENTS_MANAGER Role
        if (toscaTypeSearchService.hasTypes(csar.getName(), csar.getVersion())) {
            AuthorizationUtil.checkHasOneRoleIn(Role.COMPONENTS_MANAGER);
        }
        // if the csar is bound to a topology, check the ARCHITECT Role
        if (topologyCatalogService.exists(csar.getId())) {
            AuthorizationUtil.checkHasOneRoleIn(Role.ARCHITECT);
        }
    }

    @Override
    public void checkReadAccess(Csar csar) {
        // Component browser has access to Csar
        AuthorizationUtil.checkHasOneRoleIn(Role.COMPONENTS_BROWSER);
    }
}