| /* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| package org.apache.ambari.server.orm.entities; |
| |
| |
| import java.util.Collection; |
| import java.util.LinkedHashSet; |
| import java.util.Set; |
| |
| import javax.persistence.Column; |
| import javax.persistence.Entity; |
| import javax.persistence.GeneratedValue; |
| import javax.persistence.GenerationType; |
| import javax.persistence.Id; |
| import javax.persistence.JoinColumn; |
| import javax.persistence.JoinColumns; |
| import javax.persistence.JoinTable; |
| import javax.persistence.ManyToMany; |
| import javax.persistence.ManyToOne; |
| import javax.persistence.NamedQueries; |
| import javax.persistence.NamedQuery; |
| import javax.persistence.OneToOne; |
| import javax.persistence.Table; |
| import javax.persistence.TableGenerator; |
| |
| import org.apache.ambari.server.security.authorization.RoleAuthorization; |
| |
/**
 * JPA entity mapped to the {@code adminpermission} table.
 * <p>
 * A permission has a name, a descriptive label, a resource type, an explicit sort order and a
 * set of {@link RoleAuthorizationEntity} values declaring which operations it grants access to.
 * <p>
 * NOTE(review): the numeric and name constants below presumably mirror rows seeded into the
 * {@code adminpermission} table; confirm against the schema scripts before relying on them.
 */
@Entity
@Table(name = "adminpermission")
@TableGenerator(
    name = "permission_id_generator",
    table = "ambari_sequences",
    pkColumnName = "sequence_name",
    valueColumnName = "sequence_value",
    pkColumnValue = "permission_id_seq",
    initialValue = 100
)
@NamedQueries({
    @NamedQuery(
        name = "PermissionEntity.findByName",
        query = "SELECT p FROM PermissionEntity p WHERE p.permissionName = :permissionName"),
    @NamedQuery(
        name = "PermissionEntity.findByPrincipals",
        query = "SELECT p FROM PermissionEntity p WHERE p.principal IN :principalList")
})
public class PermissionEntity {

  /**
   * Admin permission id constants.
   */
  public static final int AMBARI_ADMINISTRATOR_PERMISSION = 1;
  public static final int CLUSTER_USER_PERMISSION = 2;
  public static final int CLUSTER_ADMINISTRATOR_PERMISSION = 3;
  public static final int VIEW_USER_PERMISSION = 4;

  /**
   * Admin permission name constants.
   */
  public static final String AMBARI_ADMINISTRATOR_PERMISSION_NAME = "AMBARI.ADMINISTRATOR";
  public static final String CLUSTER_ADMINISTRATOR_PERMISSION_NAME = "CLUSTER.ADMINISTRATOR";
  public static final String CLUSTER_OPERATOR_PERMISSION_NAME = "CLUSTER.OPERATOR";
  public static final String SERVICE_ADMINISTRATOR_PERMISSION_NAME = "SERVICE.ADMINISTRATOR";
  public static final String SERVICE_OPERATOR_PERMISSION_NAME = "SERVICE.OPERATOR";
  public static final String CLUSTER_USER_PERMISSION_NAME = "CLUSTER.USER";
  public static final String VIEW_USER_PERMISSION_NAME = "VIEW.USER";

  /**
   * Primary key, drawn from the {@code permission_id_generator} table generator.
   */
  @Id
  @Column(name = "permission_id")
  @GeneratedValue(strategy = GenerationType.TABLE, generator = "permission_id_generator")
  private Integer id;

  /**
   * The permission name.
   */
  @Column(name = "permission_name")
  private String permissionName;

  /**
   * The permission's descriptive label.
   */
  @Column(name = "permission_label")
  private String permissionLabel;

  /**
   * The permission's (admin) principal reference; the join column is declared non-nullable.
   */
  @OneToOne
  @JoinColumns({
      @JoinColumn(name = "principal_id", referencedColumnName = "principal_id", nullable = false),
  })
  private PrincipalEntity principal;

  /**
   * The resource type this permission belongs to; the join column is declared non-nullable.
   */
  @ManyToOne
  @JoinColumns({
      @JoinColumn(name = "resource_type_id", referencedColumnName = "resource_type_id", nullable = false),
  })
  private ResourceTypeEntity resourceType;

  /**
   * The set of authorizations related to this permission.
   * <p>
   * These entries declare, at a granular level, which operations this PermissionEntity grants
   * access to. They are stored through the {@code permission_roleauthorization} join table.
   */
  @ManyToMany
  @JoinTable(
      name = "permission_roleauthorization",
      joinColumns = {@JoinColumn(name = "permission_id")},
      inverseJoinColumns = {@JoinColumn(name = "authorization_id")}
  )
  private Set<RoleAuthorizationEntity> authorizations = new LinkedHashSet<>();

  /**
   * The permission's explicit sort order; defaults to 1.
   */
  @Column(name = "sort_order", nullable = false)
  private Integer sortOrder = 1;

  // ----- PermissionEntity ---------------------------------------------------

  /**
   * Get the permission id.
   *
   * @return the permission id
   */
  public Integer getId() {
    return id;
  }

  /**
   * Set the permission id.
   *
   * @param id the permission id
   */
  public void setId(Integer id) {
    this.id = id;
  }

  /**
   * Get the permission name.
   *
   * @return the permission name
   */
  public String getPermissionName() {
    return permissionName;
  }

  /**
   * Set the permission name.
   *
   * @param permissionName the permission name
   */
  public void setPermissionName(String permissionName) {
    this.permissionName = permissionName;
  }

  /**
   * Get the permission's label.
   *
   * @return the permission's label
   */
  public String getPermissionLabel() {
    return permissionLabel;
  }

  /**
   * Set the permission's label.
   *
   * @param permissionLabel the permission's label
   */
  public void setPermissionLabel(String permissionLabel) {
    this.permissionLabel = permissionLabel;
  }

  /**
   * Get the principal entity.
   *
   * @return the principal entity
   */
  public PrincipalEntity getPrincipal() {
    return principal;
  }

  /**
   * Set the principal entity.
   *
   * @param principal the principal entity
   */
  public void setPrincipal(PrincipalEntity principal) {
    this.principal = principal;
  }

  /**
   * Get the resource type entity.
   *
   * @return the resource type entity
   */
  public ResourceTypeEntity getResourceType() {
    return resourceType;
  }

  /**
   * Set the resource type entity.
   *
   * @param resourceType the resource type entity
   */
  public void setResourceType(ResourceTypeEntity resourceType) {
    this.resourceType = resourceType;
  }

  /**
   * Gets the collection of granular authorizations for this PermissionEntity.
   * <p>
   * The returned collection is the entity's own backing set, not a copy: adding to or removing
   * from it changes which operations this permission grants.
   *
   * @return the live collection of granular authorizations
   */
  public Collection<RoleAuthorizationEntity> getAuthorizations() {
    return authorizations;
  }

  /**
   * Adds a role authorization to this permission if it is not already present.
   * <p>
   * The argument is handed to the backing set unchecked, so a {@code null} value is stored as
   * an element rather than rejected.
   *
   * @param roleAuthorization the authorization entity to add
   */
  public void addAuthorization(RoleAuthorizationEntity roleAuthorization) {
    authorizations.add(roleAuthorization);
  }

  /**
   * Adds several role authorizations, converting each one to a new
   * {@link RoleAuthorizationEntity} before it is added.
   *
   * @param roleAuthorizations the authorizations to add; must not be {@code null}, since the
   *                           collection is iterated without a null check
   */
  public void addAuthorizations(Collection<RoleAuthorization> roleAuthorizations) {
    for (RoleAuthorization granted : roleAuthorizations) {
      RoleAuthorizationEntity entity = createRoleAuthorizationEntity(granted);
      addAuthorization(entity);
    }
  }

  /**
   * Builds a detached {@link RoleAuthorizationEntity} carrying the id and name of the given
   * authorization.
   *
   * @param authorization the authorization to copy the id and name from
   * @return a new entity populated from {@code authorization}
   */
  private static RoleAuthorizationEntity createRoleAuthorizationEntity(RoleAuthorization authorization) {
    RoleAuthorizationEntity entity = new RoleAuthorizationEntity();
    entity.setAuthorizationId(authorization.getId());
    entity.setAuthorizationName(authorization.name());
    return entity;
  }

  /**
   * Gets the explicit sort order value for this PermissionEntity.
   * <p>
   * This value is used to help explicitly order permission entities. For example, order from
   * most permissive to least permissive.
   *
   * @return the explicit sorting order value
   */
  public Integer getSortOrder() {
    return sortOrder;
  }

  /**
   * Sets the explicit sort order value for this PermissionEntity.
   *
   * @param sortOrder a sorting order value
   */
  public void setSortOrder(Integer sortOrder) {
    this.sortOrder = sortOrder;
  }

  // ----- Object overrides --------------------------------------------------

  /**
   * Compares id, name, label, resource type, sort order and the authorization set, in that
   * order. The principal is not part of the comparison, so two permissions that differ only in
   * their principal compare equal.
   *
   * @param o the object to compare with
   * @return {@code true} if {@code o} is a PermissionEntity of the same class with equal values
   *         for all compared fields
   */
  @Override
  public boolean equals(Object o) {
    if (o == this) {
      return true;
    }
    if (o == null) {
      return false;
    }
    if (o.getClass() != getClass()) {
      return false;
    }

    PermissionEntity other = (PermissionEntity) o;

    return sameValue(id, other.id)
        && sameValue(permissionName, other.permissionName)
        && sameValue(permissionLabel, other.permissionLabel)
        && sameValue(resourceType, other.resourceType)
        && sameValue(sortOrder, other.sortOrder)
        && sameValue(authorizations, other.authorizations);
  }

  /**
   * Combines the hash codes of the same fields that {@link #equals(Object)} compares, using the
   * multiplier 31 and treating {@code null} as 0.
   * <p>
   * All of these fields are mutable, so the value changes whenever one of them, or the
   * authorization set, is modified; keep that in mind when the entity is held in a hash-based
   * collection.
   *
   * @return the hash code
   */
  @Override
  public int hashCode() {
    int result = hashOrZero(id);
    Object[] remaining = {permissionName, permissionLabel, resourceType, sortOrder, authorizations};
    for (Object field : remaining) {
      result = 31 * result + hashOrZero(field);
    }
    return result;
  }

  /**
   * Null-safe equality: two nulls are equal, otherwise {@code left.equals(right)} decides.
   */
  private static boolean sameValue(Object left, Object right) {
    return left == null ? right == null : left.equals(right);
  }

  /**
   * Null-safe hash code: 0 for {@code null}, otherwise the value's own hash code.
   */
  private static int hashOrZero(Object value) {
    return value == null ? 0 : value.hashCode();
  }
}