add authn only permissions to me
This commit is contained in:
parent
0ceadf2ab1
commit
39ea1b6c88
|
@ -1,6 +1,7 @@
|
|||
package gr.cite.annotation.web.model;
|
||||
|
||||
import gr.cite.commons.web.authz.configuration.AuthorizationConfiguration;
|
||||
import gr.cite.commons.web.authz.configuration.Permission;
|
||||
import gr.cite.commons.web.oidc.principal.CurrentPrincipalResolver;
|
||||
import gr.cite.commons.web.oidc.principal.MyPrincipal;
|
||||
import gr.cite.commons.web.oidc.principal.extractor.ClaimExtractor;
|
||||
|
@ -12,10 +13,7 @@ import org.springframework.beans.factory.config.ConfigurableBeanFactory;
|
|||
import org.springframework.context.annotation.Scope;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.*;
|
||||
|
||||
@Component
|
||||
@Scope(value = ConfigurableBeanFactory.SCOPE_PROTOTYPE)
|
||||
|
@ -76,6 +74,11 @@ public class AccountBuilder {
|
|||
if (fields.hasField(Account._permissions)) {
|
||||
List<String> roles = claimExtractor.roles(currentPrincipalResolver.currentPrincipal());
|
||||
Set<String> permissions = authorizationConfiguration.permissionsOfRoles(roles);
|
||||
for (Map.Entry<String, Permission> permissionEntry : authorizationConfiguration.getRawPolicies().entrySet()){
|
||||
if (permissionEntry.getValue().getAllowAuthenticated()){
|
||||
permissions.add(permissionEntry.getKey());
|
||||
}
|
||||
}
|
||||
model.setPermissions(new ArrayList<>(permissions));
|
||||
}
|
||||
return model;
|
||||
|
|
|
@ -6,6 +6,7 @@ import eu.eudat.commons.types.user.AdditionalInfoEntity;
|
|||
import eu.eudat.data.TenantEntityManager;
|
||||
import eu.eudat.data.UserEntity;
|
||||
import gr.cite.commons.web.authz.configuration.AuthorizationConfiguration;
|
||||
import gr.cite.commons.web.authz.configuration.Permission;
|
||||
import gr.cite.commons.web.oidc.principal.CurrentPrincipalResolver;
|
||||
import gr.cite.commons.web.oidc.principal.MyPrincipal;
|
||||
import gr.cite.commons.web.oidc.principal.extractor.ClaimExtractor;
|
||||
|
@ -96,6 +97,11 @@ public class AccountBuilder {
|
|||
if (fields.hasField(Account._permissions)) {
|
||||
List<String> roles = claimExtractor.roles(currentPrincipalResolver.currentPrincipal());
|
||||
Set<String> permissions = authorizationConfiguration.permissionsOfRoles(roles);
|
||||
for (Map.Entry<String, Permission> permissionEntry : authorizationConfiguration.getRawPolicies().entrySet()){
|
||||
if (permissionEntry.getValue().getAllowAuthenticated()){
|
||||
permissions.add(permissionEntry.getKey());
|
||||
}
|
||||
}
|
||||
model.setPermissions(new ArrayList<>(permissions));
|
||||
}
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
package gr.cite.notification.web.model;
|
||||
|
||||
import gr.cite.commons.web.authz.configuration.AuthorizationConfiguration;
|
||||
import gr.cite.commons.web.authz.configuration.Permission;
|
||||
import gr.cite.commons.web.oidc.principal.CurrentPrincipalResolver;
|
||||
import gr.cite.commons.web.oidc.principal.MyPrincipal;
|
||||
import gr.cite.commons.web.oidc.principal.extractor.ClaimExtractor;
|
||||
|
@ -12,10 +13,7 @@ import org.springframework.beans.factory.config.ConfigurableBeanFactory;
|
|||
import org.springframework.context.annotation.Scope;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.*;
|
||||
|
||||
@Component
|
||||
@Scope(value = ConfigurableBeanFactory.SCOPE_PROTOTYPE)
|
||||
|
@ -76,6 +74,11 @@ public class AccountBuilder {
|
|||
if (fields.hasField(Account._permissions)) {
|
||||
List<String> roles = claimExtractor.roles(currentPrincipalResolver.currentPrincipal());
|
||||
Set<String> permissions = authorizationConfiguration.permissionsOfRoles(roles);
|
||||
for (Map.Entry<String, Permission> permissionEntry : authorizationConfiguration.getRawPolicies().entrySet()){
|
||||
if (permissionEntry.getValue().getAllowAuthenticated()){
|
||||
permissions.add(permissionEntry.getKey());
|
||||
}
|
||||
}
|
||||
model.setPermissions(new ArrayList<>(permissions));
|
||||
}
|
||||
return model;
|
||||
|
|
Loading…
Reference in New Issue