otf-service-api/src/main/java/org/oran/otf/common/utility/permissions/PermissionChecker.java

   1 /*  Copyright (c) 2019 AT&T Intellectual Property.                             #\r
   2 #                                                                              #\r
   3 #   Licensed under the Apache License, Version 2.0 (the "License");            #\r
   4 #   you may not use this file except in compliance with the License.           #\r
   5 #   You may obtain a copy of the License at                                    #\r
   6 #                                                                              #\r
   7 #       http://www.apache.org/licenses/LICENSE-2.0                             #\r
   8 #                                                                              #\r
   9 #   Unless required by applicable law or agreed to in writing, software        #\r
  10 #   distributed under the License is distributed on an "AS IS" BASIS,          #\r
  11 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #\r
  12 #   See the License for the specific language governing permissions and        #\r
  13 #   limitations under the License.                                             #\r
  14 ##############################################################################*/\r
  15 \r
  16 \r
  17 package org.oran.otf.common.utility.permissions;\r
  18 \r
  19 import org.oran.otf.common.model.Group;\r
  20 import org.oran.otf.common.model.User;\r
  21 import org.oran.otf.common.repository.GroupRepository;\r
  22 \r
  23 import java.util.Collection;\r
  24 \r
  25 public class PermissionChecker {\r
  26     //check is a user have a certain permission in a group\r
  27     public static boolean hasPermissionTo(User user,Group group,String permission, GroupRepository groupRepository){\r
  28         UserPermission userPermission = new PermissionUtil().buildUserPermission(user,groupRepository);\r
  29         return hasPermissionTo(userPermission,group,permission);\r
  30     }\r
  31     public static boolean hasPermissionTo(User user, Group group, Collection<String> permissions, GroupRepository groupRepository){\r
  32         UserPermission userPermission = new PermissionUtil().buildUserPermission(user,groupRepository);\r
  33         for(String permission : permissions){\r
  34             if(!hasPermissionTo(userPermission,group,permission)){\r
  35                 return false;\r
  36             }\r
  37         }\r
  38         return true;\r
  39     }\r
  40     // check a users list of permission in a group\r
  41     private static boolean hasPermissionTo(UserPermission userPermission, Group group,String permission){\r
  42         switch (permission.toUpperCase()) {\r
  43             case (UserPermission.Permission.READ):\r
  44                 return userPermission.hasAccessTo(group.get_id().toString(),UserPermission.Permission.READ);\r
  45             case (UserPermission.Permission.WRITE):\r
  46                 return userPermission.hasAccessTo(group.get_id().toString(),UserPermission.Permission.WRITE);\r
  47             case (UserPermission.Permission.EXECUTE):\r
  48                 return userPermission.hasAccessTo(group.get_id().toString(),UserPermission.Permission.EXECUTE);\r
  49             case (UserPermission.Permission.DELETE):\r
  50                 return userPermission.hasAccessTo(group.get_id().toString(),UserPermission.Permission.DELETE);\r
  51             case (UserPermission.Permission.MANAGEMENT):\r
  52                 return userPermission.hasAccessTo(group.get_id().toString(),UserPermission.Permission.MANAGEMENT);\r
  53             default:\r
  54                 return false;// reaches here when permission provided is not an option\r
  55         }\r
  56     }\r
  57 }