Skip to content

Commit

Permalink
fix fallback getRowPermission for not existing row
Browse files Browse the repository at this point in the history
  • Loading branch information
zingmane committed Oct 11, 2023
1 parent e46456b commit 6ff3a5b
Show file tree
Hide file tree
Showing 4 changed files with 25 additions and 16 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -1063,7 +1063,9 @@ class RetrieveRowModel(val connection: DatabaseConnection)(

def retrieveRowPermissions(tableId: TableId, rowId: RowId): Future[RowPermissions] = {
for {
(_, rowPermissions, _) <- retrieveAnnotations(tableId, rowId, Seq())
(_, rowPermissions, _) <- retrieveAnnotations(tableId, rowId, Seq()).recover({
case _ => (RowLevelAnnotations(false), RowPermissions(Json.arr()), CellLevelAnnotations(Seq(), Json.arr()))
})
} yield {
rowPermissions
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -163,7 +163,7 @@ case class ConditionRow(jsonObject: JsonObject) extends ConditionOption(jsonObje
case (Some(row: Row), _) =>
Option(row.rowPermissions) match {
case Some(rp) if rp.value.size == 0 => true
case None => false
case None => false // TODO check if this is correct
case Some(rp) => checkCondition(Some(rp))
}
case (_, Some(rowPermissions: RowPermissions)) => checkCondition(Some(rowPermissions))
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -274,9 +274,9 @@ class RoleModel(jsonObject: JsonObject) extends LazyLogging {
objects: ComparisonObjects = ComparisonObjects()
): Boolean = {

def grantPermissions: Seq[Permission] = filterPermissions(userRoles, Grant, action)
def grantPermissions: Seq[Permission] = filterPermissions(userRoles, Grant, action, true)

def denyPermissions: Seq[Permission] = filterPermissions(userRoles, Deny, action)
def denyPermissions: Seq[Permission] = filterPermissions(userRoles, Deny, action, true)

val grantPermissionOpt: Option[Permission] = grantPermissions.find(_.isMatching(action, objects))
grantPermissionOpt match {
Expand Down Expand Up @@ -343,19 +343,25 @@ class RoleModel(jsonObject: JsonObject) extends LazyLogging {
})
.mkString("\n")

private def getPermissionsForRoles(roleNames: Seq[String]): Seq[Permission] =
(role2permissions.filter({ case (key, _) => roleNames.contains(key) }
).values.flatten.toSeq) :+ defaultViewRowPermission
private def getPermissionsForRoles(
roleNames: Seq[String],
shouldIncludeDefaultPermissions: Boolean
): Seq[Permission] = {
val permissionsByRole = role2permissions.filter({ case (key, _) => roleNames.contains(key) }).values.flatten.toSeq

def filterPermissions(roleNames: Seq[String], permissionType: PermissionType): Seq[Permission] =
filterPermissions(roleNames, Some(permissionType), None)
shouldIncludeDefaultPermissions match {
case true => permissionsByRole :+ defaultViewRowPermission
case false => permissionsByRole
}
}

def filterPermissions(
roleNames: Seq[String],
permissionType: PermissionType,
action: Action
action: Action,
shouldIncludeDefaultPermissions: Boolean
): Seq[Permission] =
filterPermissions(roleNames, Some(permissionType), Some(action))
filterPermissions(roleNames, Some(permissionType), Some(action), shouldIncludeDefaultPermissions)

/**
* Filters permissions for role name, permissionType and action
Expand All @@ -366,10 +372,11 @@ class RoleModel(jsonObject: JsonObject) extends LazyLogging {
def filterPermissions(
roleNames: Seq[String],
permissionTypeOpt: Option[PermissionType] = None,
actionOpt: Option[Action] = None
actionOpt: Option[Action] = None,
shouldIncludeDefaultPermissions: Boolean = false
): Seq[Permission] = {

val permissions: Seq[Permission] = getPermissionsForRoles(roleNames)
val permissions: Seq[Permission] = getPermissionsForRoles(roleNames, shouldIncludeDefaultPermissions)

permissions
.filter(permission => permissionTypeOpt.forall(permission.permissionType == _))
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -196,7 +196,7 @@ class RoleModelTest {

val roleModel: RoleModel = RoleModel(json)
val permissions: Seq[Permission] =
roleModel.filterPermissions(Seq("view-tables1", "view-tables2"), Grant, ViewTable)
roleModel.filterPermissions(Seq("view-tables1", "view-tables2"), Grant, ViewTable, false)
Assert.assertEquals(2, permissions.size)
}

Expand Down Expand Up @@ -227,7 +227,7 @@ class RoleModelTest {

val roleModel: RoleModel = RoleModel(json)
val permissions: Seq[Permission] =
roleModel.filterPermissions(Seq("view-tables1", "view-tables2"), Grant, ViewTable)
roleModel.filterPermissions(Seq("view-tables1", "view-tables2"), Grant, ViewTable, false)
Assert.assertEquals(1, permissions.size)
}

Expand All @@ -254,7 +254,7 @@ class RoleModelTest {

val roleModel: RoleModel = RoleModel(json)
val permissions: Seq[Permission] =
roleModel.filterPermissions(Seq("view-tables1"), Deny, ViewTable)
roleModel.filterPermissions(Seq("view-tables1"), Deny, ViewTable, false)
Assert.assertEquals(1, permissions.size)
}
}

0 comments on commit 6ff3a5b

Please sign in to comment.