1   /*
2    * Copyright 2019 LINE Corporation
3    *
4    * LINE Corporation licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  
17  package com.linecorp.centraldogma.server.metadata;
18  
19  import static java.util.Objects.requireNonNull;
20  
21  import java.util.Collection;
22  import java.util.Objects;
23  import java.util.Set;
24  
25  import javax.annotation.Nullable;
26  
27  import com.fasterxml.jackson.annotation.JsonCreator;
28  import com.fasterxml.jackson.annotation.JsonProperty;
29  import com.google.common.base.MoreObjects;
30  import com.google.common.collect.ImmutableList;
31  import com.google.common.collect.Sets;
32  
33  import com.linecorp.centraldogma.common.ProjectRole;
34  import com.linecorp.centraldogma.server.storage.repository.Repository;
35  
36  /**
37   * The default {@link Permission}s of a {@link Repository}, kept separately for each {@link ProjectRole}.
38   */
public final class PerRolePermissions {

    /**
     * Grants both {@link Permission#READ} and {@link Permission#WRITE}.
     */
    public static final Collection<Permission> READ_WRITE = ImmutableList.of(Permission.READ, Permission.WRITE);

    /**
     * Grants {@link Permission#READ} only.
     */
    public static final Collection<Permission> READ_ONLY = ImmutableList.of(Permission.READ);

    /**
     * Grants nothing.
     */
    public static final Collection<Permission> NO_PERMISSION = ImmutableList.of();

    /**
     * The default permission: read/write for owners and members, nothing for guests.
     *
     * @deprecated Use {@link #ofDefault()}.
     */
    @Deprecated
    public static final PerRolePermissions DEFAULT = newInstance(READ_WRITE, READ_WRITE, NO_PERMISSION);

    // Shared instance returned by ofInternal(): owners get read/write, members and guests get nothing.
    private static final PerRolePermissions INTERNAL = newInstance(READ_WRITE, NO_PERMISSION, NO_PERMISSION);

    /**
     * {@link Permission}s for a {@link ProjectRole#OWNER}.
     */
    private final Set<Permission> owner;

    /**
     * {@link Permission}s for a {@link ProjectRole#MEMBER}.
     */
    private final Set<Permission> member;

    /**
     * {@link Permission}s for a {@link ProjectRole#GUEST}.
     */
    private final Set<Permission> guest;

    /**
     * Creates an instance.
     *
     * <p>The value bound to the legacy {@code anonymous} JSON property is accepted so that older
     * serialized data still deserializes, but it is discarded: no field stores it, so any permissions
     * listed there are not carried into this object.
     *
     * @param owner the permissions granted to owners
     * @param member the permissions granted to members
     * @param guest the permissions granted to guests
     * @param unused the ignored legacy {@code anonymous} permissions; may be {@code null}
     *
     * @throws NullPointerException if {@code owner}, {@code member} or {@code guest} is {@code null}
     */
    @JsonCreator
    public PerRolePermissions(@JsonProperty("owner") Iterable<Permission> owner,
                              @JsonProperty("member") Iterable<Permission> member,
                              @JsonProperty("guest") Iterable<Permission> guest,
                              // TODO(minwoox): Remove anonymous field after the migration.
                              @JsonProperty("anonymous") @Nullable Iterable<Permission> unused) {
        this.owner = immutableSetOf(owner, "owner");
        this.member = immutableSetOf(member, "member");
        this.guest = immutableSetOf(guest, "guest");
    }

    /**
     * Returns the shared {@link PerRolePermissions} which allows read/write to owners only.
     * Members and guests are granted nothing.
     */
    public static PerRolePermissions ofInternal() {
        return INTERNAL;
    }

    /**
     * Returns the shared {@link PerRolePermissions} which allows read/write to owners and members.
     * Guests are granted nothing.
     */
    public static PerRolePermissions ofDefault() {
        return DEFAULT;
    }

    /**
     * Creates a {@link PerRolePermissions} which allows read/write to every role.
     *
     * <p>Note that this includes {@link Permission#WRITE} for {@link ProjectRole#GUEST}. Use
     * {@link #ofPrivate()} or {@link #ofDefault()} when guests must not modify the repository.
     */
    public static PerRolePermissions ofPublic() {
        return newInstance(READ_WRITE, READ_WRITE, READ_WRITE);
    }

    /**
     * Creates a {@link PerRolePermissions} which allows read/write to owners and members.
     * Guests are granted nothing.
     */
    public static PerRolePermissions ofPrivate() {
        return newInstance(READ_WRITE, READ_WRITE, NO_PERMISSION);
    }

    // Builds an instance without the legacy "anonymous" permissions, which the constructor ignores anyway.
    private static PerRolePermissions newInstance(Collection<Permission> owner,
                                                  Collection<Permission> member,
                                                  Collection<Permission> guest) {
        return new PerRolePermissions(owner, member, guest, null);
    }

    // Null-checks the given permissions, naming the role in the exception message,
    // and copies them into an immutable enum set.
    private static Set<Permission> immutableSetOf(Iterable<Permission> permissions, String roleName) {
        return Sets.immutableEnumSet(requireNonNull(permissions, roleName));
    }

    /**
     * Returns the permissions granted to owners. The returned set is immutable.
     */
    @JsonProperty
    public Set<Permission> owner() {
        return owner;
    }

    /**
     * Returns the permissions granted to members. The returned set is immutable.
     */
    @JsonProperty
    public Set<Permission> member() {
        return member;
    }

    /**
     * Returns the permissions granted to guests. The returned set is immutable.
     */
    @JsonProperty
    public Set<Permission> guest() {
        return guest;
    }

    @Override
    public int hashCode() {
        return Objects.hash(owner, member, guest);
    }

    @Override
    public boolean equals(Object o) {
        if (o == this) {
            return true;
        }
        // This class is final, so an instanceof test is equivalent to comparing getClass().
        if (!(o instanceof PerRolePermissions)) {
            return false;
        }

        final PerRolePermissions other = (PerRolePermissions) o;
        if (!owner.equals(other.owner)) {
            return false;
        }
        if (!member.equals(other.member)) {
            return false;
        }
        return guest.equals(other.guest);
    }

    @Override
    public String toString() {
        return MoreObjects.toStringHelper(this)
                          .add("owner", owner)
                          .add("member", member)
                          .add("guest", guest)
                          .toString();
    }
}