From 9d084c57c0fd5b9543c4ad500f90bf245bdb61fd Mon Sep 17 00:00:00 2001 From: Timo Bejan Date: Thu, 24 Aug 2023 21:10:03 +0300 Subject: [PATCH] RED-7439 - single transaction write for ace entries of a dossier --- .../v1/processor/acl/AbstractACLService.java | 6 +++--- .../custom/api/ICustomPermissionService.java | 5 +++++ .../acl/custom/dossier/DossierACLService.java | 4 ++-- .../service/CustomPermissionService.java | 18 ++++++++++++++++++ .../service/job/SyncUserPermissionsJob.java | 2 +- 5 files changed, 29 insertions(+), 6 deletions(-) diff --git a/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/acl/AbstractACLService.java b/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/acl/AbstractACLService.java index f9e591e56..5aef23de3 100644 --- a/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/acl/AbstractACLService.java +++ b/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/acl/AbstractACLService.java @@ -17,11 +17,11 @@ public abstract class AbstractACLService { public MutableAcl getOrCreateACL(Serializable id) { - ObjectIdentityImpl dossierIdentity = new ObjectIdentityImpl(getIdentifier(), id); + var objectIdentity = new ObjectIdentityImpl(getIdentifier(), id); try { - return (MutableAcl) mutableAclService.readAclById(dossierIdentity); + return (MutableAcl) mutableAclService.readAclById(objectIdentity); } catch (NotFoundException e) { - return mutableAclService.createAcl(dossierIdentity); + return mutableAclService.createAcl(objectIdentity); } } diff --git a/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/acl/custom/api/ICustomPermissionService.java b/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/acl/custom/api/ICustomPermissionService.java index 7e27a0b2c..eea1bd290 100644 --- a/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/acl/custom/api/ICustomPermissionService.java +++ b/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/acl/custom/api/ICustomPermissionService.java @@ -53,6 +53,11 @@ public abstract class ICustomPermissionService exten } + public void applyCustomPermissions(CustomPermissionMappingModel customPermissionMappingModel, MutableAcl acl){ + applyAces(acl, customPermissionMappingModel); + } + + protected void applyAces(MutableAcl acl, CustomPermissionMappingModel model) { clearAces(acl); diff --git a/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/acl/custom/dossier/DossierACLService.java b/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/acl/custom/dossier/DossierACLService.java index c7ef6ed62..c993566ee 100644 --- a/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/acl/custom/dossier/DossierACLService.java +++ b/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/acl/custom/dossier/DossierACLService.java @@ -123,12 +123,12 @@ public class DossierACLService extends AbstractACLService { } members.forEach(member -> acl.insertAce(0, RedPermission.REVIEW, new PrincipalSid(member), true)); - approvers.forEach(member -> acl.insertAce(0, RedPermission.APPROVE, new PrincipalSid(member), true)); + customPermissionService.applyCustomPermissions(getIdentifier(), acl); + mutableAclService.updateAcl(acl); - customPermissionService.applyCustomPermissions(getIdentifier(), dossierId); } } diff --git a/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/acl/custom/service/CustomPermissionService.java b/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/acl/custom/service/CustomPermissionService.java index 0535b63a1..017edaafb 100644 --- a/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/acl/custom/service/CustomPermissionService.java +++ b/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/acl/custom/service/CustomPermissionService.java @@ -13,6 +13,7 @@ import java.util.Optional; import java.util.Set; import java.util.stream.Collectors; +import org.springframework.security.acls.model.MutableAcl; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @@ -110,6 +111,20 @@ public class CustomPermissionService { } + public void applyCustomPermissions(String targetObject, MutableAcl acl) { + var mappings = getCustomPermissionMappings(targetObject); + applyToAcl(mappings, acl); + } + + public void applyToAcl(List customPermissionMappingModels, MutableAcl acl) { + + customPermissionMappingModels.forEach(p -> customPermissionServices.forEach(s -> { + if (p.getTargetPermission().getMask() == s.forPermission().getMask()) { + s.applyCustomPermissions(p, acl); + } + })); + } + public void apply(List customPermissionMappingModels, Serializable objectId) { customPermissionMappingModels.forEach(p -> customPermissionServices.forEach(s -> { @@ -199,4 +214,7 @@ public class CustomPermissionService { this.apply(getCustomPermissionMappings(targetObject)); } + + + } diff --git a/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/service/job/SyncUserPermissionsJob.java b/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/service/job/SyncUserPermissionsJob.java index f702ce82c..63ed45479 100644 --- a/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/service/job/SyncUserPermissionsJob.java +++ b/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/service/job/SyncUserPermissionsJob.java @@ -25,7 +25,7 @@ public class SyncUserPermissionsJob implements Job { @Override - public void execute(JobExecutionContext context) throws JobExecutionException{ + public void execute(JobExecutionContext context) throws JobExecutionException { var singleTenant = context.getJobDetail().getJobDataMap() != null ? context.getJobDetail().getJobDataMap().get("tenantId") : null; tenantProvider.getTenants().forEach(tenant -> { -- 2.47.2