-
Notifications
You must be signed in to change notification settings - Fork 215
/
ImmutablePolicyBuilder.java
executable file
·417 lines (342 loc) · 15.6 KB
/
ImmutablePolicyBuilder.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
/*
* Copyright (c) 2017 Contributors to the Eclipse Foundation
*
* See the NOTICE file(s) distributed with this work for additional
* information regarding copyright ownership.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0
*
* SPDX-License-Identifier: EPL-2.0
*/
package org.eclipse.ditto.policies.model;
import static org.eclipse.ditto.base.model.common.ConditionChecker.checkNotNull;
import java.time.Instant;
import java.util.Collection;
import java.util.LinkedHashMap;
import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Optional;
import java.util.stream.Collectors;
import javax.annotation.Nullable;
import javax.annotation.concurrent.NotThreadSafe;
import org.eclipse.ditto.base.model.entity.metadata.Metadata;
/**
* A mutable builder for a {@link ImmutablePolicy} with a fluent API.
*/
@NotThreadSafe
final class ImmutablePolicyBuilder implements PolicyBuilder {
private final Map<Label, Map<SubjectId, Subject>> subjects;
private final Map<Label, Map<ResourceKey, Permissions>> grantedPermissions;
private final Map<Label, Map<ResourceKey, Permissions>> revokedPermissions;
private final Map<Label, ImportableType> importableTypes;
private PolicyImports policyImports;
@Nullable private PolicyId id;
@Nullable private PolicyLifecycle lifecycle;
@Nullable private PolicyRevision revision;
@Nullable private Instant modified;
@Nullable private Instant created;
@Nullable private Metadata metadata;
private ImmutablePolicyBuilder() {
subjects = new LinkedHashMap<>();
grantedPermissions = new LinkedHashMap<>();
revokedPermissions = new LinkedHashMap<>();
importableTypes = new LinkedHashMap<>();
policyImports = PolicyImports.emptyInstance();
id = null;
lifecycle = null;
revision = null;
modified = null;
created = null;
metadata = null;
}
/**
* Returns a new empty builder for a {@code Policy}.
*
* @return the new builder.
*/
public static ImmutablePolicyBuilder newInstance() {
return new ImmutablePolicyBuilder();
}
/**
* Returns a new empty builder for a {@code Policy}.
*
* @param id the ID of the new Policy.
* @return the new builder.
* @throws PolicyIdInvalidException if {@code policyId} did not comply to
* {@link org.eclipse.ditto.base.model.entity.id.RegexPatterns#ID_REGEX}.
*/
public static ImmutablePolicyBuilder of(final PolicyId id) {
return new ImmutablePolicyBuilder().setId(id);
}
/**
* Returns a new builder for a {@code Policy} which is initialised with the given entries. Be aware: if there are
* several entries with the same {@link Label} in the given Iterable, later entries will replace earlier ones.
*
* @param id the ID of the new Policy.
* @param policyEntries the initials entries of the new builder.
* @return the new builder.
* @throws NullPointerException if {@code policyEntries} is null;
* @throws PolicyIdInvalidException if {@code policyId} did not comply to
* {@link org.eclipse.ditto.base.model.entity.id.RegexPatterns#ID_REGEX}.
*/
public static PolicyBuilder of(final PolicyId id, final Iterable<PolicyEntry> policyEntries) {
checkNotNull(policyEntries, "initial Policy entries");
final ImmutablePolicyBuilder result = new ImmutablePolicyBuilder();
result.setId(id);
policyEntries.forEach(result::set);
return result;
}
/**
* Returns a new builder for a {@code Policy} based on the given {@code existingPolicy}.
*
* @param existingPolicy the existing Policy to instantiate the builder with.
* @return the new builder.
* @throws NullPointerException if {@code existingPolicy} is {@code null}.
* @throws PolicyIdInvalidException if {@code policyId} did not comply to
* {@link org.eclipse.ditto.base.model.entity.id.RegexPatterns#ID_REGEX}.
*/
public static PolicyBuilder of(final Policy existingPolicy) {
checkNotNull(existingPolicy, "existing Policy");
final ImmutablePolicyBuilder result = new ImmutablePolicyBuilder()
.setLifecycle(existingPolicy.getLifecycle().orElse(null))
.setRevision(existingPolicy.getRevision().orElse(null))
.setModified(existingPolicy.getModified().orElse(null))
.setPolicyImports(existingPolicy.getPolicyImports());
existingPolicy.getEntityId().ifPresent(result::setId);
existingPolicy.forEach(result::set);
return result;
}
@Override
public LabelScoped forLabel(final Label label) {
return ImmutablePolicyBuilderLabelScoped.newInstance(this, label);
}
@Override
public ImmutablePolicyBuilder setId(final PolicyId id) {
this.id = checkNotNull(id, "Policy ID");
return this;
}
@Override
public ImmutablePolicyBuilder setLifecycle(@Nullable final PolicyLifecycle lifecycle) {
this.lifecycle = lifecycle;
return this;
}
@Override
public ImmutablePolicyBuilder setRevision(@Nullable final PolicyRevision revision) {
this.revision = revision;
return this;
}
@Override
public ImmutablePolicyBuilder setModified(@Nullable final Instant modified) {
this.modified = modified;
return this;
}
@Override
public ImmutablePolicyBuilder setPolicyImport(final PolicyImport policyImport) {
checkNotNull(policyImport, "policyImport");
this.policyImports = this.policyImports.setPolicyImport(policyImport);
return this;
}
@Override
public ImmutablePolicyBuilder setPolicyImports(final PolicyImports policyImports) {
checkNotNull(policyImports, "policyImports");
this.policyImports = policyImports;
return this;
}
@Override
public ImmutablePolicyBuilder setCreated(@Nullable final Instant created) {
this.created = created;
return this;
}
@Override
public ImmutablePolicyBuilder setMetadata(@Nullable final Metadata metadata) {
this.metadata = metadata;
return this;
}
@Override
public ImmutablePolicyBuilder set(final PolicyEntry entry) {
setPolicyEntry(checkNotNull(entry, "entry to be set"));
return this;
}
private void setPolicyEntry(final PolicyEntry entry) {
putAllSubjects(entry);
final Label label = entry.getLabel();
grantedPermissions.put(label, new LinkedHashMap<>());
revokedPermissions.put(label, new LinkedHashMap<>());
setResourcesFor(entry.getLabel(), entry.getResources());
setImportableFor(label, entry.getImportableType());
}
private void putAllSubjects(final PolicyEntry policyEntry) {
final Subjects entrySubjects = policyEntry.getSubjects();
final Map<SubjectId, Subject> subjectsMap = new LinkedHashMap<>(entrySubjects.getSize());
entrySubjects.forEach(entrySubject -> subjectsMap.put(entrySubject.getId(), entrySubject));
subjects.put(policyEntry.getLabel(), subjectsMap);
}
@Override
public ImmutablePolicyBuilder setAll(final Iterable<PolicyEntry> entries) {
checkNotNull(entries, "entries to be set");
entries.forEach(this::setPolicyEntry);
return this;
}
@Override
public ImmutablePolicyBuilder remove(final CharSequence label) {
checkNotNull(label, "label of the entry to be removed");
removePolicyEntryFor(Label.of(label));
return this;
}
private void removePolicyEntryFor(final Label label) {
subjects.remove(label);
grantedPermissions.remove(label);
revokedPermissions.remove(label);
}
@Override
public ImmutablePolicyBuilder removeAll(final Iterable<PolicyEntry> entries) {
checkNotNull(entries, "entries to be removed");
entries.forEach(this::remove);
return this;
}
@Override
public ImmutablePolicyBuilder setSubjectsFor(final CharSequence label, final Subjects subjects) {
checkNotNull(subjects, "Subjects to be set");
final Map<SubjectId, Subject> existingSubject = retrieveExistingSubjects(label);
subjects.forEach(subject -> existingSubject.put(subject.getId(), subject));
return this;
}
private Map<SubjectId, Subject> retrieveExistingSubjects(final CharSequence label) {
return subjects.computeIfAbsent(Label.of(label), l -> new LinkedHashMap<>());
}
@Override
public ImmutablePolicyBuilder setSubjectFor(final CharSequence label, final Subject subject) {
checkNotNull(subject, "Subject to be set");
final Map<SubjectId, Subject> existingSubject = retrieveExistingSubjects(label);
existingSubject.put(subject.getId(), subject);
return this;
}
@Override
public ImmutablePolicyBuilder removeSubjectFor(final CharSequence label,
final CharSequence subjectIssuerWithId) {
final Map<SubjectId, Subject> existingSubject = retrieveExistingSubjects(label);
existingSubject.remove(SubjectId.newInstance(subjectIssuerWithId));
return this;
}
@Override
public ImmutablePolicyBuilder removeSubjectFor(final CharSequence label, final Subject subject) {
checkNotNull(subject, "Subject");
final Map<SubjectId, Subject> existingSubject = retrieveExistingSubjects(label);
existingSubject.remove(subject.getId());
return this;
}
@Override
public ImmutablePolicyBuilder setResourcesFor(final CharSequence label, final Resources resources) {
checkNotNull(resources, "Resources to be set");
final Map<ResourceKey, Permissions> grantedMap = retrieveGrantedPermissions(label);
final Map<ResourceKey, Permissions> revokedMap = retrieveRevokedPermissions(label);
resources.forEach(resource -> {
final ResourceKey resourceKey = resource.getResourceKey();
final EffectedPermissions effectedPermissions = resource.getEffectedPermissions();
grantedMap.put(resourceKey, effectedPermissions.getGrantedPermissions());
revokedMap.put(resourceKey, effectedPermissions.getRevokedPermissions());
});
return this;
}
@Override
public ImmutablePolicyBuilder setImportableFor(final CharSequence label, final ImportableType importableType) {
checkNotNull(importableType, "importableType");
importableTypes.put(Label.of(label), importableType);
return this;
}
private Map<ResourceKey, Permissions> retrieveGrantedPermissions(final CharSequence label) {
return getPermissions(label, grantedPermissions);
}
private static Map<ResourceKey, Permissions> getPermissions(final CharSequence l,
final Map<Label, Map<ResourceKey, Permissions>> permissionsMap) {
return permissionsMap.computeIfAbsent(Label.of(l), k -> new LinkedHashMap<>());
}
private Map<ResourceKey, Permissions> retrieveRevokedPermissions(final CharSequence label) {
return getPermissions(label, revokedPermissions);
}
@Override
public ImmutablePolicyBuilder setResourceFor(final CharSequence label, final Resource resource) {
return setResourcesFor(label, Resources.newInstance(resource));
}
@Override
public ImmutablePolicyBuilder removeResourceFor(final CharSequence label, final ResourceKey resourceKey) {
checkNotNull(resourceKey, "key of the resource to be removed");
retrieveGrantedPermissions(label).remove(resourceKey);
retrieveRevokedPermissions(label).remove(resourceKey);
return this;
}
@Override
public ImmutablePolicyBuilder removeResourceFor(final CharSequence label, final Resource resource) {
checkNotNull(resource, "the resource to be removed");
return removeResourceFor(label, resource.getResourceKey());
}
@Override
public ImmutablePolicyBuilder setPermissionsFor(final CharSequence label, final ResourceKey resourceKey,
final EffectedPermissions effectedPermissions) {
checkResourceKey(resourceKey);
checkNotNull(effectedPermissions, "permissions to be set");
retrieveGrantedPermissions(label).put(resourceKey, effectedPermissions.getGrantedPermissions());
retrieveRevokedPermissions(label).put(resourceKey, effectedPermissions.getRevokedPermissions());
return this;
}
private static void checkResourceKey(final ResourceKey resourceKey) {
checkNotNull(resourceKey, "resource key");
}
@Override
public ImmutablePolicyBuilder setGrantedPermissionsFor(final CharSequence label, final ResourceKey resourceKey,
final Permissions grantedPermissions) {
checkResourceKey(resourceKey);
checkNotNull(revokedPermissions, "granted permissions");
retrieveGrantedPermissions(label).put(resourceKey, grantedPermissions);
return this;
}
@Override
public ImmutablePolicyBuilder setRevokedPermissionsFor(final CharSequence label, final ResourceKey resourceKey,
final Permissions revokedPermissions) {
checkResourceKey(resourceKey);
checkNotNull(revokedPermissions, "revoked permissions");
retrieveRevokedPermissions(label).put(resourceKey, revokedPermissions);
return this;
}
@Override
public Policy build() {
final Collection<Label> allLabels = getAllLabels();
final Collection<PolicyEntry> policyEntries = allLabels.stream()
.map(lbl -> getImportableType(lbl).map(
importableType -> PoliciesModelFactory.newPolicyEntry(lbl, getSubjectsForLabel(lbl),
getResourcesForLabel(lbl), importableType))
.orElseGet(() -> PoliciesModelFactory.newPolicyEntry(lbl, getSubjectsForLabel(lbl),
getResourcesForLabel(lbl))))
.collect(Collectors.toList());
return ImmutablePolicy.of(id, lifecycle, revision, modified, created, metadata, policyImports, policyEntries);
}
private Collection<Label> getAllLabels() {
final Collection<Label> result = new LinkedHashSet<>(subjects.keySet());
result.addAll(grantedPermissions.keySet());
result.addAll(revokedPermissions.keySet());
return result;
}
private Subjects getSubjectsForLabel(final CharSequence label) {
return PoliciesModelFactory.newSubjects(retrieveExistingSubjects(label).values());
}
private Optional<ImportableType> getImportableType(final CharSequence label) {
return Optional.ofNullable(importableTypes.get(Label.of(label)));
}
private Resources getResourcesForLabel(final CharSequence label) {
final Map<ResourceKey, Permissions> grantedMap = retrieveGrantedPermissions(label);
final Map<ResourceKey, Permissions> revokedMap = retrieveRevokedPermissions(label);
final Collection<ResourceKey> allResourceKeys = new LinkedHashSet<>(grantedMap.keySet());
allResourceKeys.addAll(revokedMap.keySet());
final Collection<Resource> resourcesList = allResourceKeys.stream()
.map(resourceKey -> {
final Permissions granted = grantedMap.get(resourceKey);
final Permissions revoked = revokedMap.get(resourceKey);
final EffectedPermissions ep = PoliciesModelFactory.newEffectedPermissions(granted, revoked);
return PoliciesModelFactory.newResource(resourceKey, ep);
})
.collect(Collectors.toList());
return PoliciesModelFactory.newResources(resourcesList);
}
}