import static java.lang.String.format;
-public class AafPermissionService extends BaseLoggingClass {
+class AafPermissionService extends BaseLoggingClass {
private static final String INSTANCE_PREFIX = ":topic.";
private final AafService aafService;
private final DmaapService dmaapService;
- public AafPermissionService() {
- this(new AafService(AafService.ServiceType.AAF_TopicMgr), new DmaapService());
- }
-
AafPermissionService(AafService aafService, DmaapService dmaapService) {
this.aafService = aafService;
this.dmaapService = dmaapService;
}
ApiError grantClientRolePerms(MR_Client client) {
- try {
- String instance = INSTANCE_PREFIX + client.getFqtn();
-
- for (String action : client.getAction()) {
- grantPermForClientRole(client.getClientRole(), instance, action);
- }
-
- } catch (PermissionServiceException e) {
- return handleErrorStatus(e.getCode(), client, e.getMessage());
- }
- return handleOkStatus(client);
+ return forEachClientAction(client, this::grantPermForClientRole);
}
- ApiError revokeClientPerms(MR_Client client) {
+ private ApiError forEachClientAction(MR_Client client, PermissionUpdate permissionUpdate) {
try {
String instance = INSTANCE_PREFIX + client.getFqtn();
for (String action : client.getAction()) {
- revokePermForClientRole(client.getClientRole(), instance, action);
+ permissionUpdate.execute(client.getClientRole(), instance, action);
}
} catch (PermissionServiceException e) {
}
}
- private void revokePermForClientRole(String clientRole, String instance, String action) throws PermissionServiceException {
- DmaapPerm perm = new DmaapPerm(dmaapService.getTopicPerm(), instance, action);
- DmaapGrant g = new DmaapGrant(perm, clientRole);
- int code = aafService.delGrant(g);
- if (code != 200 && code != 404) {
- throw new PermissionServiceException(code, format("Revoke of %s|%s|%s failed for %s",
- dmaapService.getTopicPerm(), instance, action, clientRole));
- }
- }
-
private ApiError handleErrorStatus(int code, MR_Client client, String message) {
ApiError apiError = new ApiError(code, message);
client.setStatus(DmaapObject_Status.INVALID);
return message;
}
}
+
+ @FunctionalInterface
+ interface PermissionUpdate {
+ void execute(String clientRole, String instance, String action) throws PermissionServiceException;
+ }
}