tighten the api

gowthaman.b
2023-11-11 16:13:59 +05:30
parent 31388bae59
commit f35851d339
15 changed files with 247 additions and 143 deletions


@@ -26,7 +26,6 @@ class AppAccessManager : AccessManager {
override fun manage(handler: Handler, ctx: Context, routeRoles: Set<RouteRole>) {
val pathParamMap = ctx.pathParamMap()
logger.warn("access {}, {}", pathParamMap, routeRoles)
val regex = Regex("^[a-zA-Z0-9\\-_\\.]+$")
if (pathParamMap.values.count { !regex.matches(it) } > 0) {
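Review bot: The path-parameter allow-list check at the end of the hunk rebuilds `Regex("^[a-zA-Z0-9\\-_\\.]+$")` on every request and spells "at least one bad value" as `count { … } > 0`; hoist the pattern to a `private val PATH_PARAM_PATTERN = Regex("^[a-zA-Z0-9\\-_\\.]+$")` (companion object or file level) and write `if (pathParamMap.values.any { !PATH_PARAM_PATTERN.matches(it) }) {`. The `logger.warn("access {}, {}", pathParamMap, routeRoles)` line fires on every request that reaches the access manager, so routine traffic will be indistinguishable from real warnings in the log; `debug` is the usual level for this kind of trace. The hunk header counts one removed line that the rendered page does not show, and `manage` continues outside the hunk.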
@@ -35,15 +34,16 @@ class AppAccessManager : AccessManager {
val entity = pathParamMap["entity"]
val action = pathParamMap["action"]
val allowedRoles = routeRoles.map { it as Role }.flatMap {
when (it) {
val allowedRoles = routeRoles.map { it as Roles }.flatMap { it.roles.toList() }.flatMap { role ->
when (role) {
Role.DbOps -> listOf("ROLE_DB_OPS")
Role.Entity -> loadEntityActionRole(entity, action)
is Role.Standard -> listOf("ROLE_${entity}_${it.action}")
is Role.Standard -> role.action.toList().map { "ROLE_${entity}_${it}" }
}.map(String::uppercase)
}
val isAllowed = currentRoles().count { allowedRoles.contains(it) } > 0
logger.warn("entity - $entity, action $action, userroles = ${currentRoles()}, allowed = $allowedRoles, isAllowed? $isAllowed, enforce? ${appConfig.enforceRoleRestriction()}")
if (isAllowed || !appConfig.enforceRoleRestriction() || allowedRoles.isEmpty()) {
//if role is allowed, or enforcement is turned off or no roles are explicitly allowed
handler.handle(ctx)