#3529 feature - Securized access for readonly users

rsanchez

2017-04-17 8a45ae67ed7371a9d28cbba6de188af3270562b6

#3529 feature - Securized access for readonly users

 securis/src/main/java/net/curisit/securis/db/Application.java
..
..
@@ -38,7 +38,8 @@
38
38
 @JsonIgnoreProperties(ignoreUnknown = true)
39
39
 @Entity
40
40
 @Table(name = "application")
41
-@NamedQueries({ @NamedQuery(name = "list-applications", query = "SELECT a FROM Application a") })
41
+@NamedQueries({ @NamedQuery(name = "list-applications", query = "SELECT a FROM Application a"),
42
+		@NamedQuery(name = "list-applications-by_ids", query = "SELECT a FROM Application a where id in :list_ids") })
42
43
 public class Application implements Serializable {
43
44
 
44
45
 	private static final Logger LOG = LogManager.getLogger(Application.class);
 securis/src/main/java/net/curisit/securis/db/LicenseType.java
..
..
@@ -38,6 +38,7 @@
38
38
 @Entity
39
39
 @Table(name = "license_type")
40
40
 @NamedQueries({ @NamedQuery(name = "list-license_types", query = "SELECT lt FROM LicenseType lt"),
41
+		@NamedQuery(name = "list-license_types-by_apps-id", query = "SELECT lt FROM LicenseType lt where lt.application.id in :list_ids"),
41
42
 		@NamedQuery(name = "list-application-license_types", query = "SELECT lt FROM LicenseType lt where lt.application.id = :appId") })
42
43
 public class LicenseType implements Serializable {
43
44
 
 securis/src/main/java/net/curisit/securis/services/ApplicationResource.java
..
..
@@ -72,12 +72,23 @@
72
72
 	@Path("/")
73
73
 	@Produces({ MediaType.APPLICATION_JSON })
74
74
 	@Securable
75
-	public Response index() {
75
+	public Response index(@Context BasicSecurityContext bsc) {
76
76
 		LOG.info("Getting applications list ");
77
77
 
78
78
 		// EntityManager em = emProvider.get();
79
79
 		em.clear();
80
-		TypedQuery<Application> q = em.createNamedQuery("list-applications", Application.class);
80
+
81
+		TypedQuery<Application> q;
82
+		if (bsc.isUserInRole(BasicSecurityContext.ROL_ADMIN)) {
83
+			q = em.createNamedQuery("list-applications", Application.class);
84
+		} else {
85
+			if (bsc.getApplicationsIds() == null || bsc.getApplicationsIds().isEmpty()) {
86
+				return Response.ok().build();
87
+			}
88
+			q = em.createNamedQuery("list-applications-by_ids", Application.class);
89
+
90
+			q.setParameter("list_ids", bsc.getApplicationsIds());
91
+		}
81
92
 		List<Application> list = q.getResultList();
82
93
 
83
94
 		return Response.ok(list).build();
 securis/src/main/java/net/curisit/securis/services/LicenseTypeResource.java
..
..
@@ -74,12 +74,22 @@
74
74
 	@Path("/")
75
75
 	@Produces({ MediaType.APPLICATION_JSON })
76
76
 	@Securable
77
-	public Response index() {
77
+	public Response index(@Context BasicSecurityContext bsc) {
78
78
 		LOG.info("Getting license types list ");
79
79
 
80
80
 		// EntityManager em = emProvider.get();
81
81
 		em.clear();
82
-		TypedQuery<LicenseType> q = em.createNamedQuery("list-license_types", LicenseType.class);
82
+		TypedQuery<LicenseType> q;
83
+		if (bsc.isUserInRole(BasicSecurityContext.ROL_ADMIN)) {
84
+			q = em.createNamedQuery("list-license_types", LicenseType.class);
85
+		} else {
86
+			if (bsc.getApplicationsIds() == null || bsc.getApplicationsIds().isEmpty()) {
87
+				return Response.ok().build();
88
+			}
89
+			q = em.createNamedQuery("list-license_types-by_apps-id", LicenseType.class);
90
+
91
+			q.setParameter("list_ids", bsc.getApplicationsIds());
92
+		}
83
93
 		List<LicenseType> list = q.getResultList();
84
94
 
85
95
 		return Response.ok(list).build();
 securis/src/main/java/net/curisit/securis/services/OrganizationResource.java
..
..
@@ -77,7 +77,12 @@
77
77
 			LOG.info("GEtting all orgs for user: " + bsc.getUserPrincipal());
78
78
 			q = em.createNamedQuery("list-organizations", Organization.class);
79
79
 		} else {
80
-			q = em.createNamedQuery("list-organizations", Organization.class);
80
+			if (bsc.getOrganizationsIds() == null || bsc.getOrganizationsIds().isEmpty()) {
81
+				return Response.ok().build();
82
+			} else {
83
+				q = em.createNamedQuery("list-organizations-by-ids", Organization.class);
84
+				q.setParameter("list_ids", bsc.getOrganizationsIds());
85
+			}
81
86
 		}
82
87
 
83
88
 		List<Organization> list = q.getResultList();
 securis/src/main/java/net/curisit/securis/services/UserResource.java
..
..
@@ -76,7 +76,7 @@
76
76
 	@GET
77
77
 	@Path("/")
78
78
 	@Produces({ MediaType.APPLICATION_JSON })
79
-	@Securable
79
+	@Securable(roles = Rol.ADMIN)
80
80
 	@RolesAllowed(BasicSecurityContext.ROL_ADMIN)
81
81
 	public Response index() {
82
82
 		LOG.info("Getting users list ");
..
..
@@ -97,7 +97,7 @@
97
97
 	@GET
98
98
 	@Path("/{uid}")
99
99
 	@Produces({ MediaType.APPLICATION_JSON })
100
-	@Securable
100
+	@Securable(roles = Rol.ADMIN)
101
101
 	@RolesAllowed(BasicSecurityContext.ROL_ADMIN)
102
102
 	public Response get(@PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
103
103
 		LOG.info("Getting user data for id: {}: ", uid);