fix permission calc

This commit is contained in:
_Bastler 2022-02-19 10:14:19 +01:00
parent b758e5d454
commit 1c85f2b0fd
3 changed files with 46 additions and 27 deletions

View File

@ -46,9 +46,26 @@ public class PermissionManager implements UserDataProvider {
* @return the list * @return the list
*/ */
public List<Permission> get(Long target, String name) { public List<Permission> get(Long target, String name) {
if (target != null) { if (target != null && StringUtils.hasText(name)) {
return Lists.newArrayList(permissionRepository return Lists.newArrayList(permissionRepository
.findAll(qPermission.name.eq(name).and(qPermission.target.eq(target)))); .findAll(qPermission.target.eq(target).and(qPermission.name.eq(name))));
}
return Lists.newArrayList();
}
/**
* Gets the not expires.
*
* @param target the target
* @param name the name
* @return the not expires
*/
public List<Permission> getNotExpires(Long target, String name) {
if (target != null && StringUtils.hasText(name)) {
return Lists.newArrayList(permissionRepository
.findAll(qPermission.target.eq(target).and(qPermission.name.eq(name))
.and(qPermission.expires.after(Instant.now()).and(qPermission.starts
.isNull().or(qPermission.starts.before(Instant.now()))))));
} }
return Lists.newArrayList(); return Lists.newArrayList();
} }
@ -169,16 +186,12 @@ public class PermissionManager implements UserDataProvider {
* @return the permission * @return the permission
*/ */
public Permission update(Permission permission) { public Permission update(Permission permission) {
Assert.isTrue( Assert.isTrue(permissionRepository.existsById(permission.getId()), "Permission '"
permissionRepository.exists(qPermission.target
.eq(permission.getTarget()).and(qPermission.name.eq(permission.getName()))),
"Permission '"
+ permission.getName() + permission.getName()
+ "' for target + '" + "' for target + '"
+ permission.getTarget() + permission.getTarget()
+ "' not exists!"); + "' not exists!");
Permission updatePermission = permissionRepository.findOne(qPermission.target Permission updatePermission = permissionRepository.getById(permission.getId());
.eq(permission.getTarget()).and(qPermission.name.eq(permission.getName()))).get();
updatePermission.setStarts(permission.getStarts()); updatePermission.setStarts(permission.getStarts());
updatePermission.setExpires(permission.getExpires()); updatePermission.setExpires(permission.getExpires());
updatePermission.setAddon(permission.isAddon()); updatePermission.setAddon(permission.isAddon());
@ -215,17 +228,9 @@ public class PermissionManager implements UserDataProvider {
* @param name the name * @param name the name
*/ */
public void delete(Long target, String name) { public void delete(Long target, String name) {
Assert.isTrue( for (Permission permission : get(target, name)) {
permissionRepository permissionRepository.delete(permission);
.exists(qPermission.target.eq(target).and(qPermission.name.eq(name))), }
"Permission '"
+ name
+ "' for target + '"
+ target
+ "' not exists!");
Permission delete = permissionRepository
.findOne(qPermission.target.eq(target).and(qPermission.name.eq(name))).get();
permissionRepository.delete(delete);
} }
/** /**
@ -345,10 +350,18 @@ public class PermissionManager implements UserDataProvider {
List<Permission> existingPermissions = get(target, name); List<Permission> existingPermissions = get(target, name);
for (Permission existingPermission : existingPermissions) { for (Permission existingPermission : existingPermissions) {
if (existingPermission.getStarts() == null) { if (existingPermission.getExpires().isBefore(expires)) {
if (starts != null) {
if (existingPermission.getStarts() == null
|| existingPermission.getStarts().isAfter(starts)) {
permission = existingPermission; permission = existingPermission;
break; break;
} }
} else if (existingPermission.getStarts() == null) {
permission = existingPermission;
break;
}
}
} }
if (permission == null || !additional) { if (permission == null || !additional) {
@ -359,6 +372,11 @@ public class PermissionManager implements UserDataProvider {
permission.setStarts(permissionStarts); permission.setStarts(permissionStarts);
permission.setExpires(permissionsExpires); permission.setExpires(permissionsExpires);
} else { } else {
if (permission.getStarts() != null
&& permission.getStarts().isBefore(Instant.now())) {
permission.setStarts(null);
}
permission.setExpires(InstantHelper.plus(permission.getExpires(), permission.setExpires(InstantHelper.plus(permission.getExpires(),
permissionMapping.getLifetime(), permissionMapping.getLifetimeUnit())); permissionMapping.getLifetime(), permissionMapping.getLifetimeUnit()));
} }

View File

@ -184,6 +184,7 @@ public class OidcTokenManager implements SmartInitializingSingleton {
Builder claimsSetBuilder = new Builder(); Builder claimsSetBuilder = new Builder();
claimsSetBuilder.subject(String.valueOf(user.getId())); claimsSetBuilder.subject(String.valueOf(user.getId()));
claimsSetBuilder.claim("name", user.getUsername()); claimsSetBuilder.claim("name", user.getUsername());
claimsSetBuilder.claim("username", user.getUsername());
claimsSetBuilder.claim("preferred_username", user.getUsername()); claimsSetBuilder.claim("preferred_username", user.getUsername());
UserProfileField emailProfileField = userProfileFieldManager.get(user.getId(), UserProfileField emailProfileField = userProfileFieldManager.get(user.getId(),

View File

@ -13,7 +13,7 @@
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<java.version>11</java.version> <java.version>11</java.version>
<log4j2.version>2.17.1</log4j2.version> <log4j2.version>2.17.1</log4j2.version>
<revision>1.6.2-SNAPSHOT</revision> <revision>1.6.3-SNAPSHOT</revision>
</properties> </properties>
<parent> <parent>