Examples of org.jitterbit.integration.data.access.Permissions

• org.jitterbit.integration.data.access.Permissions
  Class representing the permissions given to a User or a Group on an IntegrationEntity.

  The permissions are implemented using two EnumSet of Permission instances: one set for the permissions that have been explicitly allowed, and one set for the permissions that have been explicitly denied. A denied permission takes percedence over an allowed permission.

  This permission system is modelled after Windows. @author Torgil Zethson

    private void setRequiredObjectsReadable(K role, T roleId, IntegrationEntity entity) {
        for (IntegrationEntity reqObj : dependencies.getRequiredObjects(entity)) {
            if (!hasPermission(role, reqObj, Permission.READ)) {
                MapImpl<T, V> map = getMap(reqObj);
                Permissions perms = map.get(reqObj.getID(), roleId);
                if (perms == null) {
                    perms = new Permissions(READ_SET, null);
                } else {
                    perms = Permissions.add(perms, READ_SET, null);
                }
                set(role, roleId, reqObj, perms, false);
            }

            for (IntegrationEntity depObj : dependencies.getDependingObjects(entity)) {
                if (!cyclicGuard.add(entity)) {
                    continue;
                }
                MapImpl<T, V> map = getMap(depObj);
                Permissions perms = map.get(depObj.getID(), roleId);
                if (perms == null) {
                    addNewPermissions(roleId, depObj, map);
                } else if (!perms.isDenied(Permission.READ)) {
                    updateExistingPermissions(roleId, depObj, map, perms);
                }
                // We must also deny READ on all descendants and depending objects:
                denyReadOnDependingObjects(role, roleId, depObj);
            }

                denyReadOnDependingObjects(role, roleId, depObj);
            }
        }

        private void addNewPermissions(T roleId, IntegrationEntity depObj, MapImpl<T, V> map) {
            map.put(depObj.getID(), roleId, new Permissions(null, READ_SET));
            setDirty(depObj);
        }

            for (IntegrationEntity depObj : dependencies.getDependingObjects(entity)) {
                if (!cyclicGuard.add(entity)) {
                    continue;
                }
                MapImpl<T, V> map = getMap(depObj);
                Permissions perms = map.get(depObj.getID(), roleId);
                if (perms == null) {
                    addEmptyPermissions(roleId, depObj, map);
                } else if (perms.isAllowed(Permission.READ)) {
                    removeReadPermission(roleId, depObj, map, perms);
                }
                revokeReadOnDependingObjects(role, roleId, depObj);
            }
        }

        private void addEmptyPermissions(T roleId, IntegrationEntity depObj, MapImpl<T, V> map) {
            // If no permissions have been set we explicitly add an empty permissions object.
            // This is so that we can use predefined default permissions in the UI when no permissions
            // have been set explicitly.
            map.put(depObj.getID(), roleId, new Permissions(null, null));
            setDirty(depObj);
        }

     * @param p
     *            the <tt>Permission</tt> to check for.
     * @return <tt>true</tt> iff <tt>user</tt> has the specified permission.
     */
    public boolean hasPermission(User user, IntegrationEntity entity, Permission p) {
        Permissions effPerms = getEffective(user, entity);
        return effPerms != null && effPerms.isAllowed(p);
    }

    /**
     * Checks if <tt>group</tt> has the permission <tt>p</tt> on <tt>entity</tt>.
     *
     */
    public boolean hasPermission(Group group, IntegrationEntity entity, Permission p) {
        Permissions effPerms = getEffective(group, entity);
        return effPerms != null && effPerms.isAllowed(p);
    }

    @Test
    public void ensureCopyWorks() {
        User torgil = new User("Torgil");
        User bahamas = new User("Bahamas");
        Permissions fullAccess = Permissions.fullControl();
        Permissions readOnly = new Permissions(EnumSet.of(Permission.READ), null);
        Source original = new Source("S1");
        Source copy = new Source("S2");
        UserMap map = new UserMap();
        map.put(original.getID(), torgil.getId(), fullAccess);
        map.put(original.getID(), bahamas.getId(), readOnly);

    private boolean hasPermissionImpl(User user, EntityDescriptor entity, Permission p, boolean checkAdmin) {
        if (checkAdmin && isAdmin(user)) {
            return true;
        }
        Permissions up = userPerms.getPermissions(user, entity);
        if (checkOwner(up, p)) {
            return true;
        }
        if (up.isDenied(p)) {
            return false;
        }
        Set<Permissions> groups = Sets.newHashSet();
        for (Group g : groupLookup.getGroups(user)) {
            Permissions gp = groupPerms.getPermissions(g, entity);
            if (gp.isDenied(p)) {
                return false;
            }
            groups.add(gp);
        }
        if (up.isAllowed(p)) {
            return true;
        }
        for (Permissions gp : groups) {
            if (gp.isAllowed(p)) {
                return true;
            }
        }
        return false;
    }

    public static void main(String[] args) throws Exception {
        Connection conn = ServerDbInfo.getTranDbConnectionInfo().getConnection();
        try {
            Group group = new Group(1, "Users");
            EntityDescriptor entity = new EntityDescriptor(EntityType.Operation, 2);
            Permissions p = new TranDbGroupPermissionsLookup(conn).getPermissions(group, entity);
            System.out.println(p);
        } finally {
            KongaDbUtils.close(conn);
        }
    }