-class PermLookup {
- private AuthzTrans trans;
- private String user;
- private Question q;
- private Result<List<UserRoleDAO.Data>> userRoles = null;
- private Result<List<RoleDAO.Data>> roles = null;
- private Result<Set<String>> permNames = null;
- private Result<List<PermDAO.Data>> perms = null;
-
- private PermLookup() {}
-
- static PermLookup get(AuthzTrans trans, Question q, String user) {
- PermLookup lp=null;
- Map<String, PermLookup> permMap = trans.get(Question.PERMS, null);
- if (permMap == null) {
- trans.put(Question.PERMS, permMap = new HashMap<String, PermLookup>());
- } else {
- lp = permMap.get(user);
- }
+public class PermLookup {
+ private AuthzTrans trans;
+ private String user;
+ private Question q;
+ private Result<List<UserRoleDAO.Data>> userRoles = null;
+ private Result<List<RoleDAO.Data>> roles = null;
+ private Result<Set<String>> permNames = null;
+ private Result<List<PermDAO.Data>> perms = null;
+
+ private PermLookup() {}
+
+ public static PermLookup get(AuthzTrans trans, Question q, String user) {
+ PermLookup lp=null;
+ Map<String, PermLookup> permMap = trans.get(Question.PERMS, null);
+ if (permMap == null) {
+ trans.put(Question.PERMS, permMap = new HashMap<>());
+ } else {
+ lp = permMap.get(user);
+ }
+
+ if (lp == null) {
+ lp = new PermLookup();
+ lp.trans = trans;
+ lp.user = user;
+ lp.q = q;
+ permMap.put(user, lp);
+ }
+ return lp;
+ }
+
+ public Result<List<UserRoleDAO.Data>> getUserRoles() {
+ if (userRoles==null) {
+ userRoles = q.userRoleDAO().readByUser(trans,user);
+ if (userRoles.isOKhasData()) {
+ List<UserRoleDAO.Data> lurdd = new ArrayList<>();
+ Date now = new Date();
+ for (UserRoleDAO.Data urdd : userRoles.value) {
+ if (urdd.expires.after(now) || trans.org().isUserExpireExempt(user, urdd.expires)) { // Remove Expired
+ lurdd.add(urdd);
+ }
+ }
+ if (lurdd.size()==0) {
+ return userRoles = Result.err(Status.ERR_UserNotFound,
+ "%s not found or not associated with any Roles: ",
+ user);
+ } else {
+ return userRoles = Result.ok(lurdd);
+ }
+ } else {
+ return userRoles;
+ }
+ } else {
+ return userRoles;
+ }
+ }
+
+ public Result<List<RoleDAO.Data>> getRoles() {
+ if (roles==null) {
+ Result<List<UserRoleDAO.Data>> rur = getUserRoles();
+ if (rur.isOK()) {
+ List<RoleDAO.Data> lrdd = new ArrayList<>();
+ for (UserRoleDAO.Data urdata : rur.value) {
+ // Gather all permissions from all Roles
+ if (urdata.ns==null || urdata.rname==null) {
+ return Result.err(Status.ERR_BadData,"DB Content Error: nulls in User Role %s %s", urdata.user,urdata.role);
+ } else {
+ Result<List<RoleDAO.Data>> rlrd = q.roleDAO().read(
+ trans, urdata.ns, urdata.rname);
+ if (rlrd.isOK()) {
+ lrdd.addAll(rlrd.value);
+ }
+ }
+ }
+ return roles = Result.ok(lrdd);
+ } else {
+ return roles = Result.err(rur);
+ }
+ } else {
+ return roles;
+ }
+ }