
Package: RoleServiceImpl

RoleServiceImpl

name | instruction | branch | complexity | line | method
RoleServiceImpl()
M: 10 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 3 C: 0
0%
M: 1 C: 0
0%
count(KapuaQuery)
M: 23 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 3 C: 0
0%
M: 1 C: 0
0%
create(RoleCreator)
M: 96 C: 0
0%
M: 10 C: 0
0%
M: 6 C: 0
0%
M: 17 C: 0
0%
M: 1 C: 0
0%
delete(KapuaId, KapuaId)
M: 50 C: 0
0%
M: 4 C: 0
0%
M: 3 C: 0
0%
M: 10 C: 0
0%
M: 1 C: 0
0%
deleteRoleByAccountId(KapuaId, KapuaId)
M: 28 C: 0
0%
M: 2 C: 0
0%
M: 2 C: 0
0%
M: 6 C: 0
0%
M: 1 C: 0
0%
find(KapuaId, KapuaId)
M: 33 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 6 C: 0
0%
M: 1 C: 0
0%
lambda$count$9(KapuaQuery, EntityManager)
M: 5 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 1 C: 0
0%
M: 1 C: 0
0%
lambda$create$0(RoleCreator, EntityManager)
M: 40 C: 0
0%
M: 4 C: 0
0%
M: 3 C: 0
0%
M: 9 C: 0
0%
M: 1 C: 0
0%
lambda$delete$3(KapuaId, KapuaId, EntityManager)
M: 5 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 1 C: 0
0%
M: 1 C: 0
0%
lambda$delete$4(KapuaId, KapuaId, Role)
M: 7 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 1 C: 0
0%
M: 1 C: 0
0%
lambda$find$5(KapuaId, KapuaId, EntityManager)
M: 5 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 1 C: 0
0%
M: 1 C: 0
0%
lambda$find$6(KapuaId, KapuaId)
M: 7 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 1 C: 0
0%
M: 1 C: 0
0%
lambda$find$7(Role)
M: 5 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 1 C: 0
0%
M: 1 C: 0
0%
lambda$query$8(KapuaQuery, EntityManager)
M: 4 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 1 C: 0
0%
M: 1 C: 0
0%
lambda$update$1(Role, EntityManager)
M: 4 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 1 C: 0
0%
M: 1 C: 0
0%
lambda$update$2(Role)
M: 8 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 2 C: 0
0%
M: 1 C: 0
0%
onKapuaEvent(ServiceEvent)
M: 26 C: 0
0%
M: 6 C: 0
0%
M: 4 C: 0
0%
M: 5 C: 0
0%
M: 1 C: 0
0%
query(KapuaQuery)
M: 22 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 3 C: 0
0%
M: 1 C: 0
0%
static {...}
M: 6 C: 0
0%
M: 0 C: 0
100%
M: 1 C: 0
0%
M: 2 C: 0
0%
M: 1 C: 0
0%
update(Role)
M: 93 C: 0
0%
M: 4 C: 0
0%
M: 3 C: 0
0%
M: 16 C: 0
0%
M: 1 C: 0
0%

Coverage

1: /*******************************************************************************
2: * Copyright (c) 2016, 2022 Eurotech and/or its affiliates and others
3: *
4: * This program and the accompanying materials are made
5: * available under the terms of the Eclipse Public License 2.0
6: * which is available at https://www.eclipse.org/legal/epl-2.0/
7: *
8: * SPDX-License-Identifier: EPL-2.0
9: *
10: * Contributors:
11: * Eurotech - initial API and implementation
12: *******************************************************************************/
13: package org.eclipse.kapua.service.authorization.role.shiro;
14:
15: import org.eclipse.kapua.KapuaDuplicateNameException;
16: import org.eclipse.kapua.KapuaEntityNotFoundException;
17: import org.eclipse.kapua.KapuaErrorCodes;
18: import org.eclipse.kapua.KapuaException;
19: import org.eclipse.kapua.commons.configuration.AbstractKapuaConfigurableResourceLimitedService;
20: import org.eclipse.kapua.commons.jpa.EntityManagerContainer;
21: import org.eclipse.kapua.commons.util.ArgumentValidator;
22: import org.eclipse.kapua.event.ServiceEvent;
23: import org.eclipse.kapua.locator.KapuaLocator;
24: import org.eclipse.kapua.locator.KapuaProvider;
25: import org.eclipse.kapua.model.domain.Actions;
26: import org.eclipse.kapua.model.id.KapuaId;
27: import org.eclipse.kapua.model.query.KapuaQuery;
28: import org.eclipse.kapua.model.query.predicate.AttributePredicate.Operator;
29: import org.eclipse.kapua.service.authorization.AuthorizationDomains;
30: import org.eclipse.kapua.service.authorization.AuthorizationService;
31: import org.eclipse.kapua.service.authorization.permission.Permission;
32: import org.eclipse.kapua.service.authorization.permission.PermissionFactory;
33: import org.eclipse.kapua.service.authorization.permission.shiro.PermissionValidator;
34: import org.eclipse.kapua.service.authorization.role.Role;
35: import org.eclipse.kapua.service.authorization.role.RoleAttributes;
36: import org.eclipse.kapua.service.authorization.role.RoleCreator;
37: import org.eclipse.kapua.service.authorization.role.RoleFactory;
38: import org.eclipse.kapua.service.authorization.role.RoleListResult;
39: import org.eclipse.kapua.service.authorization.role.RolePermissionCreator;
40: import org.eclipse.kapua.service.authorization.role.RolePermissionFactory;
41: import org.eclipse.kapua.service.authorization.role.RoleQuery;
42: import org.eclipse.kapua.service.authorization.role.RoleService;
43: import org.eclipse.kapua.service.authorization.shiro.AuthorizationEntityManagerFactory;
44: import org.slf4j.Logger;
45: import org.slf4j.LoggerFactory;
46:
47: import javax.inject.Inject;
48:
49: /**
50: * {@link RoleService} implementation.
51: *
52: * @since 1.0.0
53: */
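@KapuaProvider
public class RoleServiceImpl extends AbstractKapuaConfigurableResourceLimitedService<Role, RoleCreator, RoleService, RoleListResult, RoleQuery, RoleFactory> implements RoleService {

    private static final Logger LOG = LoggerFactory.getLogger(RoleServiceImpl.class);

    private static final KapuaLocator LOCATOR = KapuaLocator.getInstance();

    @Inject
    private AuthorizationService authorizationService;
    @Inject
    private PermissionFactory permissionFactory;
    @Inject
    private RolePermissionFactory rolePermissionFactory;

    /**
     * Wires the service to the role domain, the authorization entity manager factory and the role cache.
     */
    public RoleServiceImpl() {
        super(RoleService.class.getName(), AuthorizationDomains.ROLE_DOMAIN,
                AuthorizationEntityManagerFactory.getInstance(), RoleCacheFactory.getInstance(), RoleService.class,
                RoleFactory.class);
    }

    /**
     * Creates a {@link Role} and one role permission per {@link Permission} carried by the creator.
     * <p>
     * The caller needs {@code write} on the role domain in the creator's scope. Because the duplicate-name
     * check goes through {@link #count(KapuaQuery)}, {@code read} on the same scope is required as well.
     *
     * @param roleCreator the role definition; its scope id, name and permissions are validated up front
     * @return the persisted {@link Role}
     * @throws KapuaDuplicateNameException if a role with the same name is already counted in the scope
     * @throws KapuaException              if validation, an authorization check or persistence fails
     */
    @Override
    public Role create(RoleCreator roleCreator) throws KapuaException {
        //
        // Argument validation
        ArgumentValidator.notNull(roleCreator, "roleCreator");
        ArgumentValidator.notNull(roleCreator.getScopeId(), "roleCreator.scopeId");
        ArgumentValidator.validateEntityName(roleCreator.getName(), "roleCreator.name");
        ArgumentValidator.notNull(roleCreator.getPermissions(), "roleCreator.permissions");

        //
        // Check Access
        authorizationService.checkPermission(permissionFactory.newPermission(AuthorizationDomains.ROLE_DOMAIN, Actions.write, roleCreator.getScopeId()));

        //
        // Check entity limit
        checkAllowedEntities(roleCreator.getScopeId(), "Roles");

        //
        // Check duplicate name
        // NOTE(review): this count runs before, and outside of, the transaction that inserts the role, so two
        // concurrent creates can both pass it. Confirm a database-level uniqueness constraint backs this check.
        RoleQuery query = new RoleQueryImpl(roleCreator.getScopeId());
        query.setPredicate(query.attributePredicate(RoleAttributes.NAME, roleCreator.getName()));

        if (count(query) > 0) {
            throw new KapuaDuplicateNameException(roleCreator.getName());
        }

        //
        // If permissions are created out of the role scope, check that the current user has the permission on
        // the external scopeId. A null target scope is treated as "outside the role scope" and is checked too.
        // NOTE(review): permissions targeting the role's own scope are not checked against the caller's own
        // permissions here; confirm that role:write in a scope is meant to allow granting any in-scope permission.
        if (roleCreator.getPermissions() != null) {
            for (Permission p : roleCreator.getPermissions()) {
                if (p.getTargetScopeId() == null || !p.getTargetScopeId().equals(roleCreator.getScopeId())) {
                    authorizationService.checkPermission(p);
                }
            }
        }

        //
        // Check that the given permission matches the definition of the Domains.
        PermissionValidator.validatePermissions(roleCreator.getPermissions());

        //
        // Do create: the role and its role permissions are written inside one transacted action.
        return entityManagerSession.doTransactedAction(EntityManagerContainer.<Role>create().onResultHandler(em -> {
            Role role = RoleDAO.create(em, roleCreator);

            if (!roleCreator.getPermissions().isEmpty()) {
                for (Permission p : roleCreator.getPermissions()) {

                    RolePermissionCreator rolePermissionCreator = rolePermissionFactory.newCreator(roleCreator.getScopeId());

                    rolePermissionCreator.setRoleId(role.getId());
                    rolePermissionCreator.setPermission(p);

                    RolePermissionDAO.create(em, rolePermissionCreator);
                }
            }

            return role;
        }));
    }

    /**
     * Updates an existing {@link Role}.
     * <p>
     * The caller needs {@code write} on the role domain in the role's scope. The existence check goes through
     * {@link #find(KapuaId, KapuaId)} and the duplicate-name check through {@link #count(KapuaQuery)}, so
     * {@code read} on the same scope is required as well.
     *
     * @param role the role to update; id, scope id and name are validated up front
     * @return the updated {@link Role}
     * @throws KapuaEntityNotFoundException if no role with that id is found in the scope
     * @throws KapuaDuplicateNameException  if another role in the scope already has the same name
     * @throws KapuaException               if validation, an authorization check or persistence fails
     */
    @Override
    public Role update(Role role) throws KapuaException {
        //
        // Argument validation
        ArgumentValidator.notNull(role, "role");
        ArgumentValidator.notNull(role.getId(), "role.id");
        ArgumentValidator.notNull(role.getScopeId(), "role.scopeId");
        ArgumentValidator.validateEntityName(role.getName(), "role.name");

        //
        // Check Access
        authorizationService.checkPermission(permissionFactory.newPermission(AuthorizationDomains.ROLE_DOMAIN, Actions.write, role.getScopeId()));

        //
        // Check existence
        if (find(role.getScopeId(), role.getId()) == null) {
            throw new KapuaEntityNotFoundException(Role.TYPE, role.getId());
        }

        //
        // Check duplicate name: same name, different entity id.
        RoleQuery query = new RoleQueryImpl(role.getScopeId());
        query.setPredicate(
                query.andPredicate(
                        query.attributePredicate(RoleAttributes.NAME, role.getName()),
                        query.attributePredicate(RoleAttributes.ENTITY_ID, role.getId(), Operator.NOT_EQUAL)
                )
        );

        if (count(query) > 0) {
            throw new KapuaDuplicateNameException(role.getName());
        }

        //
        // Do update: the cached copy is dropped before the update runs.
        return entityManagerSession.doTransactedAction(EntityManagerContainer.<Role>create().onResultHandler(em -> RoleDAO.update(em, role))
                .onBeforeHandler(() -> {
                    entityCache.remove(null, role);
                    return null;
                }));
    }

    /**
     * Deletes a {@link Role}.
     * <p>
     * The caller needs {@code delete} on the role domain in the given scope, plus {@code read} because the
     * existence check goes through {@link #find(KapuaId, KapuaId)}. The role whose id equals
     * {@link KapuaId#ONE} is never deleted.
     *
     * @param scopeId the scope the role belongs to
     * @param roleId  the id of the role to delete
     * @throws KapuaEntityNotFoundException if no role with that id is found in the scope
     * @throws KapuaException               with {@link KapuaErrorCodes#ADMIN_ROLE_DELETED_ERROR} when
     *                                      {@code roleId} equals {@link KapuaId#ONE}, or if validation, an
     *                                      authorization check or persistence fails
     */
    @Override
    public void delete(KapuaId scopeId, KapuaId roleId) throws KapuaException {
        //
        // Argument validation
        ArgumentValidator.notNull(scopeId, "scopeId");
        ArgumentValidator.notNull(roleId, "roleId");

        //
        // Check Access
        authorizationService.checkPermission(permissionFactory.newPermission(AuthorizationDomains.ROLE_DOMAIN, Actions.delete, scopeId));

        //
        // Check existence
        if (find(scopeId, roleId) == null) {
            throw new KapuaEntityNotFoundException(Role.TYPE, roleId);
        }
        // Guard on the id alone, whatever the scope: the role with id ONE cannot be removed.
        if (roleId.equals(KapuaId.ONE)) {
            throw new KapuaException(KapuaErrorCodes.ADMIN_ROLE_DELETED_ERROR);
        }

        //
        // Do delete: the cache entry is evicted after the delete has run.
        entityManagerSession.doTransactedAction(EntityManagerContainer.<Role>create().onResultHandler(em -> RoleDAO.delete(em, scopeId, roleId))
                .onAfterHandler((emptyParam) -> entityCache.remove(scopeId, roleId)));
    }

    /**
     * Finds a {@link Role} by scope and id, consulting the entity cache before the DAO.
     * <p>
     * The {@code read} permission check runs before the cache is consulted, so a cached entity is never
     * returned to a caller that fails the check.
     *
     * @param scopeId the scope the role belongs to
     * @param roleId  the id of the role
     * @return the role, or whatever the cache/DAO lookup yields when it is absent (callers in this class
     *         test the result against {@code null})
     * @throws KapuaException if validation, the authorization check or the lookup fails
     */
    @Override
    public Role find(KapuaId scopeId, KapuaId roleId) throws KapuaException {
        //
        // Argument validation
        ArgumentValidator.notNull(scopeId, "scopeId");
        ArgumentValidator.notNull(roleId, "roleId");

        //
        // Check Access
        authorizationService.checkPermission(permissionFactory.newPermission(AuthorizationDomains.ROLE_DOMAIN, Actions.read, scopeId));

        //
        // Do find
        return entityManagerSession.doAction(EntityManagerContainer.<Role>create().onResultHandler(em -> RoleDAO.find(em, scopeId, roleId))
                .onBeforeHandler(() -> (Role) entityCache.get(scopeId, roleId))
                .onAfterHandler((entity) -> entityCache.put(entity)));
    }

    /**
     * Runs a role query. The caller needs {@code read} on the role domain in the query's scope.
     *
     * @param query the query to run; must not be {@code null}
     * @return the matching roles
     * @throws KapuaException if validation, the authorization check or the query fails
     */
    @Override
    public RoleListResult query(KapuaQuery query) throws KapuaException {
        //
        // Argument validation
        ArgumentValidator.notNull(query, "query");

        //
        // Check Access
        authorizationService.checkPermission(permissionFactory.newPermission(AuthorizationDomains.ROLE_DOMAIN, Actions.read, query.getScopeId()));

        //
        // Do query
        return entityManagerSession.doAction(EntityManagerContainer.<RoleListResult>create().onResultHandler(em -> RoleDAO.query(em, query)));
    }

    /**
     * Counts the roles matching a query. The caller needs {@code read} on the role domain in the query's scope.
     *
     * @param query the query to count; must not be {@code null}
     * @return the number of matching roles
     * @throws KapuaException if validation, the authorization check or the count fails
     */
    @Override
    public long count(KapuaQuery query) throws KapuaException {
        //
        // Argument validation
        ArgumentValidator.notNull(query, "query");

        //
        // Check Access
        authorizationService.checkPermission(permissionFactory.newPermission(AuthorizationDomains.ROLE_DOMAIN, Actions.read, query.getScopeId()));

        //
        // Do count
        return entityManagerSession.doAction(EntityManagerContainer.<Long>create().onResultHandler(em -> RoleDAO.count(em, query)));
    }

    /**
     * Handles a service event; an {@code account}/{@code delete} event triggers deletion of the roles
     * scoped to the deleted account.
     * <p>
     * A {@code null} event is logged and ignored instead of being dereferenced.
     *
     * @param kapuaEvent the received event, possibly {@code null} on a service bus error
     * @throws KapuaException if the role clean-up fails
     */
    //@ListenServiceEvent(fromAddress="account")
    public void onKapuaEvent(ServiceEvent kapuaEvent) throws KapuaException {
        if (kapuaEvent == null) {
            // Service bus error: there is nothing to act on, and falling through would fail with a
            // NullPointerException on the first accessor call below.
            LOG.warn("RoleService: received null kapua event, ignoring it");
            return;
        }

        LOG.info("RoleService: received kapua event from {}, operation {}", kapuaEvent.getService(), kapuaEvent.getOperation());
        if ("account".equals(kapuaEvent.getService()) && "delete".equals(kapuaEvent.getOperation())) {
            deleteRoleByAccountId(kapuaEvent.getScopeId(), kapuaEvent.getEntityId());
        }
    }

    /**
     * Deletes every role returned by a query scoped to the given account id.
     * <p>
     * Both the query and each delete go through the public service methods, so their permission checks
     * and the {@link KapuaId#ONE} guard in {@link #delete(KapuaId, KapuaId)} apply here too.
     *
     * @param scopeId   the scope of the originating event (not used by the current implementation)
     * @param accountId the id of the deleted account, used as the scope of the role query
     * @throws KapuaException if the query or any delete fails; roles after the failing one are left in place
     */
    private void deleteRoleByAccountId(KapuaId scopeId, KapuaId accountId) throws KapuaException {
        // NOTE(review): query() and delete() check read/delete permission for whichever session handles the
        // event; confirm the event is dispatched in a context that holds them on the deleted account's scope.
        RoleQuery query = new RoleQueryImpl(accountId);

        RoleListResult rolesToDelete = query(query);

        for (Role r : rolesToDelete.getItems()) {
            delete(r.getScopeId(), r.getId());
        }
    }
}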