package org.ovirt.engine.core.bll.network.cluster;

import java.util.ArrayList;
import java.util.List;
import java.util.Objects;

import javax.inject.Inject;
import javax.inject.Singleton;

import org.ovirt.engine.core.bll.ClusterPermissionsFinder;
import org.ovirt.engine.core.bll.CommandBase;
import org.ovirt.engine.core.bll.utils.PermissionSubject;
import org.ovirt.engine.core.common.VdcObjectType;
import org.ovirt.engine.core.common.action.VdcActionType;
import org.ovirt.engine.core.common.businessentities.ActionGroup;
import org.ovirt.engine.core.compat.Guid;

/**
 * Authorization helper for commands that update the attachment of a network to a cluster.
 *
 * <p>The check has OR semantics: access is granted as soon as the command reports that the user holds
 * any one of the candidate permission subjects. Every subject placed in the candidate list must
 * therefore be sufficient authority on its own.
 *
 * <p>The only state held is the injected, final {@link ClusterPermissionsFinder} reference.
 */
@Singleton
class UpdateNetworkClusterPermissionsChecker {

    private final ClusterPermissionsFinder clusterPermissionsFinder;

    /**
     * @param clusterPermissionsFinder
     *            supplies the cluster-side permission subjects; must not be {@code null}
     * @throws NullPointerException
     *             if {@code clusterPermissionsFinder} is {@code null}
     */
    @Inject
    UpdateNetworkClusterPermissionsChecker(ClusterPermissionsFinder clusterPermissionsFinder) {
        this.clusterPermissionsFinder =
                Objects.requireNonNull(clusterPermissionsFinder, "clusterPermissionsFinder cannot be null");
    }

    /**
     * Builds the candidate permission subjects for the given network, cluster and action, then checks
     * them against the command.
     *
     * @param command
     *            the command on whose behalf the permission check runs
     * @param networkId
     *            id of the network being attached or updated
     * @param clusterId
     *            id of the target cluster
     * @param actionType
     *            the action being authorized
     * @return {@code true} if at least one candidate subject passes, {@code false} otherwise
     */
    public boolean checkPermissions(CommandBase<?> command,
            Guid networkId,
            Guid clusterId,
            VdcActionType actionType) {
        return checkPermissions(command, findPermissionCheckSubjects(networkId, clusterId, actionType));
    }

    /**
     * Checks that the user holds permission on at least one of the given subjects.
     *
     * <p>Subjects are tried in list order and the first success ends the check. An empty list is
     * denied, because no subject can succeed. When every subject is denied, only the messages
     * collected for the <em>last</em> subject are added to the command's validation messages, since
     * the buffer is cleared before each attempt.
     *
     * @param command
     *            the command that performs the single-subject checks and receives the messages
     * @param permissionCheckSubjects
     *            candidate subjects; a {@code null} list is not handled and fails with a
     *            {@link NullPointerException}
     * @return {@code true} if any subject passes, {@code false} if all are denied or the list is empty
     */
    public boolean checkPermissions(CommandBase<?> command, List<PermissionSubject> permissionCheckSubjects) {
        // One buffer reused for every attempt; presumably checkSinglePermission writes the denial
        // reasons into it -- confirm against CommandBase.
        final List<String> lastDenialMessages = new ArrayList<>();

        for (PermissionSubject subject : permissionCheckSubjects) {
            // Drop the previous subject's messages so only the current attempt is recorded.
            lastDenialMessages.clear();

            final boolean granted = command.checkSinglePermission(subject, lastDenialMessages);
            if (granted) {
                // Any single match authorizes the action; nothing is reported to the caller.
                return true;
            }
        }

        // Denied on every subject (or no subjects at all): surface what the last attempt reported.
        command.getReturnValue().getValidationMessages().addAll(lastDenialMessages);
        return false;
    }

    /**
     * Returns the cluster-side permission subjects from the {@link ClusterPermissionsFinder} with one
     * extra subject appended: the network itself, under {@link ActionGroup#ASSIGN_CLUSTER_NETWORK}.
     *
     * <p>The extra subject is added to the very list the finder returned, so that list must be mutable
     * and is modified in place.
     * NOTE(review): confirm the finder hands out a fresh list on each call; a shared or cached list
     * would accumulate network subjects across calls and widen later checks.
     *
     * @param networkId
     *            id of the network used for the appended subject
     * @param clusterId
     *            id of the cluster passed to the finder
     * @param actionType
     *            the action passed to the finder
     * @return the finder's list, with the network subject as its last element
     */
    public List<PermissionSubject> findPermissionCheckSubjects(Guid networkId,
            Guid clusterId,
            VdcActionType actionType) {
        final List<PermissionSubject> subjects =
                clusterPermissionsFinder.findPermissionCheckSubjects(clusterId, actionType);

        final PermissionSubject networkSubject =
                new PermissionSubject(networkId, VdcObjectType.Network, ActionGroup.ASSIGN_CLUSTER_NETWORK);
        subjects.add(networkSubject);

        return subjects;
    }
}