View Javadoc
1   /*
2    * Licensed to The Apereo Foundation under one or more contributor license
3    * agreements. See the NOTICE file distributed with this work for additional
4    * information regarding copyright ownership.
5    *
6    *
7    * The Apereo Foundation licenses this file to you under the Educational
8    * Community License, Version 2.0 (the "License"); you may not use this file
9    * except in compliance with the License. You may obtain a copy of the License
10   * at:
11   *
12   *   http://opensource.org/licenses/ecl2.txt
13   *
14   * Unless required by applicable law or agreed to in writing, software
15   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
17   * License for the specific language governing permissions and limitations under
18   * the License.
19   *
20   */
21  
22  package org.opencastproject.graphql.command;
23  
24  import org.opencastproject.authorization.xacml.manager.api.AclService;
25  import org.opencastproject.authorization.xacml.manager.api.AclServiceFactory;
26  import org.opencastproject.elasticsearch.api.SearchIndexException;
27  import org.opencastproject.elasticsearch.index.ElasticsearchIndex;
28  import org.opencastproject.graphql.event.GqlEvent;
29  import org.opencastproject.graphql.exception.GraphQLNotFoundException;
30  import org.opencastproject.graphql.exception.GraphQLRuntimeException;
31  import org.opencastproject.graphql.exception.GraphQLUnauthorizedException;
32  import org.opencastproject.graphql.execution.context.OpencastContext;
33  import org.opencastproject.graphql.execution.context.OpencastContextManager;
34  import org.opencastproject.graphql.type.input.AccessControlListInput;
35  import org.opencastproject.graphql.util.GraphQLObjectMapper;
36  import org.opencastproject.index.service.api.IndexService;
37  import org.opencastproject.index.service.exception.IndexServiceException;
38  import org.opencastproject.security.api.AccessControlEntry;
39  import org.opencastproject.security.api.AccessControlList;
40  import org.opencastproject.security.api.SecurityService;
41  import org.opencastproject.security.api.UnauthorizedException;
42  import org.opencastproject.util.NotFoundException;
43  
44  public class UpdateEventAclCommand extends AbstractCommand<GqlEvent> {
45  
46    private final String eventId;
47  
48    public UpdateEventAclCommand(final Builder builder) {
49      super(builder);
50      this.eventId = builder.eventId;
51    }
52  
53    @Override
54    public GqlEvent execute() {
55      OpencastContext context = OpencastContextManager.getCurrentContext();
56      final ElasticsearchIndex index = context.getService(ElasticsearchIndex.class);
57      final IndexService indexService = context.getService(IndexService.class);
58  
59      final AccessControlListInput aclInput = GraphQLObjectMapper.newInstance()
60          .convertValue(environment.getArgument("acl"), AccessControlListInput.class);
61  
62      try {
63        AccessControlList acl = new AccessControlList();
64        for (var entry : aclInput.getEntries()) {
65          for (var action : entry.getAction()) {
66            acl.getEntries().add(new AccessControlEntry(entry.getRole(), action, true));
67          }
68        }
69  
70        if (aclInput.getManagedAclId() != null) {
71          AclService aclService = context.getService(AclServiceFactory.class)
72                                         .serviceFor(context.getService(SecurityService.class).getOrganization());
73          aclService.getAcl(aclInput.getManagedAclId())
74                    .ifPresent(value -> acl.merge(value.getAcl()));
75        }
76        indexService.updateEventAcl(eventId, acl, index);
77      } catch (IndexServiceException | SearchIndexException e) {
78        throw new GraphQLRuntimeException(e);
79      } catch (UnauthorizedException e) {
80        throw new GraphQLUnauthorizedException(e.getMessage());
81      } catch (NotFoundException e) {
82        throw new GraphQLNotFoundException(e.getMessage());
83      }
84  
85      try {
86        return new GqlEvent(indexService.getEvent(eventId, index).get());
87      } catch (SearchIndexException e) {
88        throw new GraphQLRuntimeException(e);
89      }
90    }
91  
92  
93    public static Builder create(String eventId) {
94      return new Builder(eventId);
95    }
96  
97    public static class Builder extends AbstractCommand.Builder<GqlEvent> {
98  
99      private final String eventId;
100 
101     public Builder(String eventId) {
102       this.eventId = eventId;
103     }
104 
105     @Override
106     public void validate() {
107       super.validate();
108       if (eventId == null || eventId.isEmpty()) {
109         throw new IllegalStateException("Event ID cannot be null or empty");
110       }
111     }
112 
113     @Override
114     public UpdateEventAclCommand build() {
115       validate();
116       return new UpdateEventAclCommand(this);
117     }
118   }
119 
120 }