Yevgeny Zaspitsky has uploaded a new change for review. Change subject: engine: refactor PermissionsCommandBase.isSystemSuperUser method out ......................................................................
engine: refactor PermissionsCommandBase.isSystemSuperUser method out Refactor PermissionsCommandBase.isSystemSuperUser method out in order to be ablle to reuse that in different class hierarchies. Change-Id: I7b87b1709a3fc80fdcd090a0079189cef4a6ab62 Bug-Url: https://bugzilla.redhat.com/1025796 Signed-off-by: Yevgeny Zaspitsky <yzasp...@redhat.com> --- A backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/IsSystemSuperUserPredicate.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/PermissionsCommandBase.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/utils/BllCDIAdapter.java 3 files changed, 55 insertions(+), 7 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/79/38379/1 diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/IsSystemSuperUserPredicate.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/IsSystemSuperUserPredicate.java new file mode 100644 index 0000000..96b4ee9 --- /dev/null +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/IsSystemSuperUserPredicate.java @@ -0,0 +1,40 @@ +package org.ovirt.engine.core.bll; + +import java.util.Objects; + +import javax.inject.Inject; +import javax.inject.Named; +import javax.inject.Singleton; + +import org.ovirt.engine.core.common.businessentities.Permissions; +import org.ovirt.engine.core.compat.Guid; +import org.ovirt.engine.core.dao.PermissionDAO; +import org.ovirt.engine.core.utils.linq.Predicate; + +@Named +@Singleton +final class IsSystemSuperUserPredicate implements Predicate<Guid> { + + private final PermissionDAO permissionDao; + + @Inject + public IsSystemSuperUserPredicate(PermissionDAO permissionDao) { + Objects.requireNonNull(permissionDao, "permissionDao cannot be null"); + + this.permissionDao = permissionDao; + } + + @Override + public boolean eval(Guid userId) { + Permissions superUserPermission = getPermissionDao() + .getForRoleAndAdElementAndObjectWithGroupCheck( + PredefinedRoles.SUPER_USER.getId(), + userId, + MultiLevelAdministrationHandler.SYSTEM_OBJECT_ID); + return superUserPermission != null; + } + + PermissionDAO getPermissionDao() { + return permissionDao; + } +} diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/PermissionsCommandBase.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/PermissionsCommandBase.java index 9c8c7dc..b54bae4 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/PermissionsCommandBase.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/PermissionsCommandBase.java @@ -3,6 +3,9 @@ import java.util.ArrayList; import java.util.List; +import javax.inject.Inject; +import javax.inject.Named; + import org.ovirt.engine.core.bll.context.CommandContext; import org.ovirt.engine.core.bll.utils.PermissionSubject; import org.ovirt.engine.core.common.action.PermissionsOperationsParameters; @@ -11,8 +14,13 @@ import org.ovirt.engine.core.common.businessentities.aaa.DbGroup; import org.ovirt.engine.core.common.businessentities.aaa.DbUser; import org.ovirt.engine.core.compat.Guid; +import org.ovirt.engine.core.utils.linq.Predicate; public abstract class PermissionsCommandBase<T extends PermissionsOperationsParameters> extends CommandBase<T> { + + @Named + @Inject + private Predicate<Guid> isSystemSuperUserPredicate; /** * Constructor for command creation when compensation is applied on startup @@ -89,13 +97,7 @@ } protected boolean isSystemSuperUser() { - Permissions superUserPermission = - getPermissionDAO() - .getForRoleAndAdElementAndObjectWithGroupCheck( - PredefinedRoles.SUPER_USER.getId(), - getCurrentUser().getId(), - MultiLevelAdministrationHandler.SYSTEM_OBJECT_ID); - return superUserPermission != null; + return isSystemSuperUserPredicate.eval(getCurrentUser().getId()); } // TODO - this code is shared with addPermissionCommand - check if diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/utils/BllCDIAdapter.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/utils/BllCDIAdapter.java index d30e95d..f533cc5 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/utils/BllCDIAdapter.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/utils/BllCDIAdapter.java @@ -4,6 +4,7 @@ import javax.enterprise.inject.Produces; import javax.enterprise.inject.spi.InjectionPoint; import org.ovirt.engine.core.dal.dbbroker.DbFacade; +import org.ovirt.engine.core.dao.PermissionDAO; import org.ovirt.engine.core.dao.StoragePoolDAO; import org.ovirt.engine.core.dao.VdsGroupDAO; import org.ovirt.engine.core.dao.VmDynamicDAO; @@ -77,6 +78,11 @@ return dbFacade.getHostNetworkQosDao(); } + @Produces + private PermissionDAO producePermissionDao(DbFacade dbFacade) { + return dbFacade.getPermissionDao(); + } + protected BllCDIAdapter() { // hide me } -- To view, visit https://gerrit.ovirt.org/38379 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I7b87b1709a3fc80fdcd090a0079189cef4a6ab62 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yevgeny Zaspitsky <yzasp...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
