// Licensed to the Apache Software Foundation (ASF) under one // or more contributor license agreements. See the NOTICE file // distributed with this work for additional information // regarding copyright ownership. The ASF licenses this file // to you under the Apache License, Version 2.0 (the // "License"); you may not use this file except in compliance // with the License. You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, // software distributed under the License is distributed on an // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY // KIND, either express or implied. See the License for the // specific language governing permissions and limitations // under the License. package org.apache.cloudstack.iam.server.dao; import java.util.List; import java.util.Map; import javax.naming.ConfigurationException; import org.apache.cloudstack.iam.api.IAMPolicyPermission.Permission; import org.apache.cloudstack.iam.server.IAMPolicyPermissionVO; import com.cloud.utils.db.GenericDaoBase; import com.cloud.utils.db.SearchBuilder; import com.cloud.utils.db.SearchCriteria; public class IAMPolicyPermissionDaoImpl extends GenericDaoBase<IAMPolicyPermissionVO, Long> implements IAMPolicyPermissionDao { private SearchBuilder<IAMPolicyPermissionVO> policyIdSearch; private SearchBuilder<IAMPolicyPermissionVO> fullSearch; private SearchBuilder<IAMPolicyPermissionVO> entitySearch; @Override public boolean configure(String name, Map<String, Object> params) throws ConfigurationException { super.configure(name, params); policyIdSearch = createSearchBuilder(); policyIdSearch.and("policyId", policyIdSearch.entity().getAclPolicyId(), SearchCriteria.Op.EQ); policyIdSearch.done(); fullSearch = createSearchBuilder(); fullSearch.and("policyId", fullSearch.entity().getAclPolicyId(), SearchCriteria.Op.EQ); fullSearch.and("entityType", fullSearch.entity().getEntityType(), SearchCriteria.Op.EQ); fullSearch.and("scope", fullSearch.entity().getScope(), SearchCriteria.Op.EQ); fullSearch.and("scopeId", fullSearch.entity().getScopeId(), SearchCriteria.Op.EQ); fullSearch.and("action", fullSearch.entity().getAction(), SearchCriteria.Op.EQ); fullSearch.and("permission", fullSearch.entity().getPermission(), SearchCriteria.Op.EQ); fullSearch.and("accessType", fullSearch.entity().getAccessType(), SearchCriteria.Op.EQ); fullSearch.done(); entitySearch = createSearchBuilder(); entitySearch.and("entityType", entitySearch.entity().getEntityType(), SearchCriteria.Op.EQ); entitySearch.and("scopeId", entitySearch.entity().getScopeId(), SearchCriteria.Op.EQ); entitySearch.done(); return true; } @Override public List<IAMPolicyPermissionVO> listByPolicy(long policyId) { SearchCriteria<IAMPolicyPermissionVO> sc = policyIdSearch.create(); sc.setParameters("policyId", policyId); return listBy(sc); } @Override public IAMPolicyPermissionVO findByPolicyAndEntity(long policyId, String entityType, String scope, Long scopeId, String action, Permission perm, String accessType) { SearchCriteria<IAMPolicyPermissionVO> sc = fullSearch.create(); sc.setParameters("policyId", policyId); sc.setParameters("entityType", entityType); sc.setParameters("scope", scope); sc.setParameters("scopeId", scopeId); sc.setParameters("action", action); sc.setParameters("permission", perm); if (accessType != null) { // accessType can be optional, used mainly in list apis with // ListEntry and UseEntry distinction sc.setParameters("accessType", accessType); } return findOneBy(sc); } @Override public List<IAMPolicyPermissionVO> listByPolicyActionAndScope(long policyId, String action, String scope, String accessType) { SearchCriteria<IAMPolicyPermissionVO> sc = fullSearch.create(); sc.setParameters("policyId", policyId); sc.setParameters("action", action); sc.setParameters("scope", scope); sc.setParameters("permission", Permission.Allow); if ( accessType != null ){ // accessType can be optional, used mainly in list apis with ListEntry and UseEntry distinction sc.setParameters("accessType", accessType); } return listBy(sc); } @Override public List<IAMPolicyPermissionVO> listByPolicyActionAndEntity(long policyId, String action, String entityType) { SearchCriteria<IAMPolicyPermissionVO> sc = fullSearch.create(); sc.setParameters("policyId", policyId); sc.setParameters("entityType", entityType); sc.setParameters("action", action); return listBy(sc); } @Override public List<IAMPolicyPermissionVO> listByPolicyAccessAndEntity(long policyId, String accessType, String entityType) { SearchCriteria<IAMPolicyPermissionVO> sc = fullSearch.create(); sc.setParameters("policyId", policyId); sc.setParameters("entityType", entityType); sc.setParameters("accessType", accessType); return listBy(sc); } @Override public List<IAMPolicyPermissionVO> listByEntity(String entityType, Long entityId) { SearchCriteria<IAMPolicyPermissionVO> sc = entitySearch.create(); sc.setParameters("entityType", entityType); sc.setParameters("scopeId", entityId); return listBy(sc); } }