Move getGrantsForTarget method to helper class

graylog2-server/src/main/java/org/graylog/events/contentpack/facade/EventDefinitionFacade.java

@@ -34,7 +34,7 @@
 import org.graylog.scheduler.DBJobDefinitionService;
 import org.graylog.scheduler.JobDefinitionDto;
 import org.graylog.security.GrantDTO;
-import org.graylog.security.entities.EntityRegistrar;
+import org.graylog.security.shares.EntityGrantLookup;
 import org.graylog2.contentpacks.EntityDescriptorIds;
 import org.graylog2.contentpacks.facades.EntityFacade;
 import org.graylog2.contentpacks.model.EntityPermissions;
@@ -71,7 +71,7 @@ public class EventDefinitionFacade implements EntityFacade<EventDefinitionDto> {
     private final DBEventDefinitionService eventDefinitionService;
     private final Set<PluginMetaData> pluginMetaData;
     private final UserService userService;
-    private final EntityRegistrar entityRegistrar;
+    private final EntityGrantLookup grantLookup;
 
     @Inject
     public EventDefinitionFacade(ObjectMapper objectMapper,
@@ -80,14 +80,14 @@ public EventDefinitionFacade(ObjectMapper objectMapper,
                                  DBJobDefinitionService jobDefinitionService,
                                  DBEventDefinitionService eventDefinitionService,
                                  UserService userService,
-                                 EntityRegistrar entityRegistrar) {
+                                 EntityGrantLookup grantLookup) {
         this.objectMapper = objectMapper;
         this.pluginMetaData = pluginMetaData;
         this.eventDefinitionHandler = eventDefinitionHandler;
         this.jobDefinitionService = jobDefinitionService;
         this.eventDefinitionService = eventDefinitionService;
         this.userService = userService;
-        this.entityRegistrar = entityRegistrar;
+        this.grantLookup = grantLookup;
     }
 
     @VisibleForTesting
@@ -230,7 +230,7 @@ public boolean usesScopedEntities() {
 
     @Override
     public List<GrantDTO> resolveGrants(EventDefinitionDto nativeEntity) {
-        return entityRegistrar.getGrantsForTarget(GRNTypes.EVENT_DEFINITION, nativeEntity.id());
+        return grantLookup.getGrantsForTarget(GRNTypes.EVENT_DEFINITION, nativeEntity.id());
     }
 
     @Override

graylog2-server/src/main/java/org/graylog/security/entities/EntityRegistrar.java

@@ -23,24 +23,18 @@
 import org.graylog.grn.GRNRegistry;
 import org.graylog.grn.GRNType;
 import org.graylog.grn.GRNTypes;
-import org.graylog.security.DBGrantService;
-import org.graylog.security.GrantDTO;
 import org.graylog2.plugin.database.users.User;
 
-import java.util.List;
 import java.util.Set;
 
 @Singleton
 public class EntityRegistrar {
-    // TODO: get rid of this dependency
-    private final DBGrantService dbGrantService;
     private final GRNRegistry grnRegistry;
     private final Provider<Set<EntityRegistrationHandler>> registrationHandlersProvider;
 
     @Inject
-    public EntityRegistrar(DBGrantService dbGrantService, GRNRegistry grnRegistry,
+    public EntityRegistrar(GRNRegistry grnRegistry,
                            Provider<Set<EntityRegistrationHandler>> registrationHandlersProvider) {
-        this.dbGrantService = dbGrantService;
         this.grnRegistry = grnRegistry;
         this.registrationHandlersProvider = registrationHandlersProvider;
     }
@@ -81,12 +75,6 @@ public void unregisterEntity(final String id, final GRNType grnType) {
         unregisterEntity(grnRegistry.newGRN(grnType, id));
     }
 
-    // TODO: move this method to a more appropriate place
-    public List<GrantDTO> getGrantsForTarget(final GRNType type, final String id) {
-        final GRN grn = grnRegistry.newGRN(type, id);
-        return dbGrantService.getForTarget(grn);
-    }
-
     public void unregisterStream(String id) {
         unregisterEntity(id, GRNTypes.STREAM);
     }

graylog2-server/src/main/java/org/graylog/security/shares/EntityGrantLookup.java

@@ -0,0 +1,49 @@
+/*
+ * Copyright (C) 2020 Graylog, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the Server Side Public License, version 1,
+ * as published by MongoDB, Inc.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * Server Side Public License for more details.
+ *
+ * You should have received a copy of the Server Side Public License
+ * along with this program. If not, see
+ * <http://www.mongodb.com/licensing/server-side-public-license>.
+ */
+package org.graylog.security.shares;
+
+import jakarta.inject.Inject;
+import jakarta.inject.Singleton;
+import org.graylog.grn.GRN;
+import org.graylog.grn.GRNRegistry;
+import org.graylog.grn.GRNType;
+import org.graylog.security.DBGrantService;
+import org.graylog.security.GrantDTO;
+
+import java.util.List;
+
+/**
+ * Lightweight grant lookup. Kept separate from {@link EntitySharesService} so that callers
+ * (e.g. content pack facades reachable via {@link org.graylog.security.entities.EntityDependencyResolver})
+ * can resolve grants without dragging in the full sharing dependency graph and creating a Guice cycle.
+ */
+@Singleton
+public class EntityGrantLookup {
+    private final GRNRegistry grnRegistry;
+    private final DBGrantService grantService;
+
+    @Inject
+    public EntityGrantLookup(GRNRegistry grnRegistry, DBGrantService grantService) {
+        this.grnRegistry = grnRegistry;
+        this.grantService = grantService;
+    }
+
+    public List<GrantDTO> getGrantsForTarget(GRNType type, String id) {
+        final GRN grn = grnRegistry.newGRN(type, id);
+        return grantService.getForTarget(grn);
+    }
+}

graylog2-server/src/main/java/org/graylog2/contentpacks/facades/DashboardFacade.java

@@ -22,7 +22,7 @@
 import org.graylog.plugins.views.search.views.ViewDTO;
 import org.graylog.plugins.views.search.views.ViewService;
 import org.graylog.plugins.views.search.views.ViewSummaryService;
-import org.graylog.security.entities.EntityRegistrar;
+import org.graylog.security.shares.EntityGrantLookup;
 import org.graylog2.contentpacks.model.EntityPermissions;
 import org.graylog2.contentpacks.model.ModelType;
 import org.graylog2.contentpacks.model.ModelTypes;
@@ -41,8 +41,8 @@ public DashboardFacade(ObjectMapper objectMapper,
                            ViewService viewService,
                            ViewSummaryService viewSummaryService,
                            UserService userService,
-                           EntityRegistrar entityRegistrar) {
-        super(objectMapper, searchDbService, viewService, viewSummaryService, userService, entityRegistrar);
+                           EntityGrantLookup grantLookup) {
+        super(objectMapper, searchDbService, viewService, viewSummaryService, userService, grantLookup);
     }
 
     @Override

graylog2-server/src/main/java/org/graylog2/contentpacks/facades/SearchFacade.java

@@ -24,7 +24,7 @@
 import org.graylog.plugins.views.search.views.ViewDTO;
 import org.graylog.plugins.views.search.views.ViewService;
 import org.graylog.plugins.views.search.views.ViewSummaryService;
-import org.graylog.security.entities.EntityRegistrar;
+import org.graylog.security.shares.EntityGrantLookup;
 import org.graylog2.contentpacks.model.EntityPermissions;
 import org.graylog2.contentpacks.model.ModelType;
 import org.graylog2.contentpacks.model.ModelTypes;
@@ -44,8 +44,8 @@ public SearchFacade(ObjectMapper objectMapper,
                         ViewService viewService,
                         ViewSummaryService viewSummaryService,
                         UserService userService,
-                        EntityRegistrar entityRegistrar) {
-        super(objectMapper, searchDbService, viewService, viewSummaryService, userService, entityRegistrar);
+                        EntityGrantLookup grantLookup) {
+        super(objectMapper, searchDbService, viewService, viewSummaryService, userService, grantLookup);
     }
 
     @Override

graylog2-server/src/main/java/org/graylog2/contentpacks/facades/ViewFacade.java

@@ -34,7 +34,7 @@
 import org.graylog.plugins.views.search.views.ViewSummaryDTO;
 import org.graylog.plugins.views.search.views.ViewSummaryService;
 import org.graylog.security.GrantDTO;
-import org.graylog.security.entities.EntityRegistrar;
+import org.graylog.security.shares.EntityGrantLookup;
 import org.graylog2.contentpacks.EntityDescriptorIds;
 import org.graylog2.contentpacks.model.ModelId;
 import org.graylog2.contentpacks.model.ModelType;
@@ -74,21 +74,21 @@ public abstract class ViewFacade implements EntityWithExcerptFacade<ViewDTO, Vie
     private final SearchDbService searchDbService;
     private final ViewSummaryService viewSummaryService;
     protected final UserService userService;
-    private final EntityRegistrar entityRegistrar;
+    private final EntityGrantLookup grantLookup;
 
     @Inject
     public ViewFacade(ObjectMapper objectMapper,
                       SearchDbService searchDbService,
                       ViewService viewService,
                       ViewSummaryService viewSummaryService,
                       UserService userService,
-                      EntityRegistrar entityRegistrar) {
+                      EntityGrantLookup grantLookup) {
         this.objectMapper = objectMapper;
         this.searchDbService = searchDbService;
         this.viewService = viewService;
         this.viewSummaryService = viewSummaryService;
         this.userService = userService;
-        this.entityRegistrar = entityRegistrar;
+        this.grantLookup = grantLookup;
     }
 
     @Override
@@ -223,7 +223,7 @@ public Graph<Entity> resolveForInstallation(Entity entity,
     @Override
     public List<GrantDTO> resolveGrants(ViewDTO nativeEntity) {
         final GRNType type = nativeEntity.type().equals(ViewDTO.Type.DASHBOARD) ? GRNTypes.DASHBOARD : GRNTypes.SEARCH;
-        return entityRegistrar.getGrantsForTarget(type, nativeEntity.id());
+        return grantLookup.getGrantsForTarget(type, nativeEntity.id());
     }
 
     @SuppressWarnings("UnstableApiUsage")

graylog2-server/src/main/java/org/graylog2/contentpacks/facades/dashboardV1/DashboardV1Facade.java

@@ -26,7 +26,7 @@
 import org.graylog.plugins.views.search.views.ViewService;
 import org.graylog.plugins.views.search.views.ViewSummaryDTO;
 import org.graylog.plugins.views.search.views.ViewSummaryService;
-import org.graylog.security.entities.EntityRegistrar;
+import org.graylog.security.shares.EntityGrantLookup;
 import org.graylog2.contentpacks.facades.ViewFacade;
 import org.graylog2.contentpacks.model.EntityPermissions;
 import org.graylog2.contentpacks.model.ModelType;
@@ -58,8 +58,8 @@ public DashboardV1Facade(ObjectMapper objectMapper,
                              ViewService viewService,
                              ViewSummaryService viewSummaryService,
                              UserService userService,
-                             EntityRegistrar entityRegistrar) {
-        super(objectMapper, searchDbService, viewService, viewSummaryService, userService, entityRegistrar);
+                             EntityGrantLookup grantLookup) {
+        super(objectMapper, searchDbService, viewService, viewSummaryService, userService, grantLookup);
         this.objectMapper = objectMapper;
         this.entityConverter = entityConverter;
     }

graylog2-server/src/main/java/org/graylog2/database/entities/source/EntitySource.java

@@ -39,6 +39,7 @@ public abstract class EntitySource implements MongoEntity {
     // Entity types
     public static final String VIEW_TYPE = "view";
     public static final String EVENT_DEFINITION_TYPE = "event_definition";
+    public static final String REPORT_TYPE = "report";
 
     public static final String FIELD_ID = "id";
     public static final String FIELD_SOURCE = "source";

graylog2-server/src/test/java/org/graylog/events/contentpack/facade/EventDefinitionFacadeTest.java

@@ -53,6 +53,7 @@
 import org.graylog.scheduler.JobTriggerDto;
 import org.graylog.scheduler.clock.JobSchedulerClock;
 import org.graylog.security.entities.EntityRegistrar;
+import org.graylog.security.shares.EntityGrantLookup;
 import org.graylog.testing.mongodb.MongoDBExtension;
 import org.graylog.testing.mongodb.MongoDBFixtures;
 import org.graylog.testing.mongodb.MongoDBTestService;
@@ -138,6 +139,8 @@ public class EventDefinitionFacadeTest {
     @Mock
     private EntityRegistrar entityRegistrar;
     @Mock
+    private EntityGrantLookup grantLookup;
+    @Mock
     private EventProcessorConfig mockEventProcessorConfig;
     @Mock
     private ClusterEventBus clusterEventBus;
@@ -179,7 +182,7 @@ public void setUp(MongoDBTestService dbTestService) throws Exception {
                 jobDefinitionService,
                 eventDefinitionService,
                 userService,
-                entityRegistrar);
+                grantLookup);
     }
 
     @Test
@@ -354,7 +357,7 @@ public void listExcerpts() {
     @Test
     public void listExcerptsExcludesNonContentPackExportableEventDefinitions() {
         EventDefinitionFacade testFacade = new EventDefinitionFacade(
-                objectMapper, eventDefinitionHandler, new HashSet<>(), jobDefinitionService, mockEventDefinitionService, userService, entityRegistrar);
+                objectMapper, eventDefinitionHandler, new HashSet<>(), jobDefinitionService, mockEventDefinitionService, userService, grantLookup);
         EventDefinitionDto dto = validEventDefinitionDto(mockEventProcessorConfig);
 
         when(mockEventProcessorConfig.isContentPackExportable()).thenReturn(false);

graylog2-server/src/test/java/org/graylog/security/entities/EntityRegistrarTest.java

@@ -18,7 +18,6 @@
 
 import org.graylog.grn.GRNRegistry;
 import org.graylog.grn.GRNTypes;
-import org.graylog.security.DBGrantService;
 import org.graylog2.plugin.database.users.User;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
@@ -33,7 +32,6 @@ class EntityRegistrarTest {
     private final GRNRegistry grnRegistry = GRNRegistry.createWithBuiltinTypes();
 
     private EntityRegistrar entityRegistrar;
-    private DBGrantService dbGrantService;
 
     private EntityRegistrationHandler handler1;
     private EntityRegistrationHandler handler2;
@@ -45,8 +43,7 @@ void setUp() {
         this.handler2 = mock(EntityRegistrationHandler.class);
         this.registrationHandlers = Set.of(handler1, handler2);
 
-        this.dbGrantService = mock(DBGrantService.class);
-        this.entityRegistrar = new EntityRegistrar(dbGrantService, grnRegistry, () -> registrationHandlers);
+        this.entityRegistrar = new EntityRegistrar(grnRegistry, () -> registrationHandlers);
     }
 
     @Test

graylog2-server/src/test/java/org/graylog2/contentpacks/ContentPackServiceTest.java

@@ -56,7 +56,7 @@
 import org.graylog.scheduler.DBJobDefinitionService;
 import org.graylog.security.Capability;
 import org.graylog.security.UserContext;
-import org.graylog.security.entities.EntityRegistrar;
+import org.graylog.security.shares.EntityGrantLookup;
 import org.graylog.security.shares.EntityShareRequest;
 import org.graylog.security.shares.EntitySharesService;
 import org.graylog2.Configuration;
@@ -205,10 +205,10 @@ public class ContentPackServiceTest {
     @Mock
     private Configuration configuration;
     @Mock
-    private EntityRegistrar entityRegistrar;
-    @Mock
     private EntitySharesService entitySharesService;
     @Mock
+    private EntityGrantLookup grantLookup;
+    @Mock
     private FavoriteFieldsService favoriteFieldsService;
 
     private ContentPackService contentPackService;
@@ -231,8 +231,8 @@ public void setUp() throws Exception {
                 ModelTypes.GROK_PATTERN_V1, new GrokPatternFacade(objectMapper, patternService),
                 ModelTypes.STREAM_V1, new StreamFacade(objectMapper, streamService, streamRuleService, indexSetService, userService, favoriteFieldsService),
                 ModelTypes.OUTPUT_V1, new OutputFacade(objectMapper, outputService, pluginMetaData, outputFactories, outputFactories2),
-                ModelTypes.SEARCH_V1, new SearchFacade(objectMapper, searchDbService, viewService, viewSummaryService, userService, entityRegistrar),
-                ModelTypes.EVENT_DEFINITION_V1, new EventDefinitionFacade(objectMapper, eventDefinitionHandler, pluginMetaData, jobDefinitionService, eventDefinitionService, userService, entityRegistrar),
+                ModelTypes.SEARCH_V1, new SearchFacade(objectMapper, searchDbService, viewService, viewSummaryService, userService, grantLookup),
+                ModelTypes.EVENT_DEFINITION_V1, new EventDefinitionFacade(objectMapper, eventDefinitionHandler, pluginMetaData, jobDefinitionService, eventDefinitionService, userService, grantLookup),
                 ModelTypes.INPUT_V1, new InputFacade(objectMapper, inputService, inputRegistry, lookupTableService, grokPatternService, messageInputFactory,
                         extractorFactory, converterFactory, serverStatus, pluginMetaData, new HashMap<>())
         );

graylog2-server/src/test/java/org/graylog2/contentpacks/facades/DashboardV1FacadeTest.java

@@ -39,10 +39,9 @@
 import org.graylog.plugins.views.search.views.widgets.aggregation.ValueConfigDTO;
 import org.graylog.plugins.views.search.views.widgets.aggregation.sort.PivotSortConfig;
 import org.graylog.plugins.views.search.views.widgets.messagelist.MessageListConfigDTO;
-import org.graylog.security.entities.EntityRegistrar;
+import org.graylog.security.shares.EntityGrantLookup;
 import org.graylog.testing.mongodb.MongoDBExtension;
 import org.graylog.testing.mongodb.MongoDBFixtures;
-import org.graylog2.bindings.providers.MongoJackObjectMapperProvider;
 import org.graylog2.contentpacks.facades.dashboardV1.DashboardV1Facade;
 import org.graylog2.contentpacks.facades.dashboardV1.DashboardWidgetConverter;
 import org.graylog2.contentpacks.facades.dashboardV1.EntityConverter;
@@ -54,7 +53,6 @@
 import org.graylog2.contentpacks.model.entities.NativeEntity;
 import org.graylog2.contentpacks.model.entities.PivotEntity;
 import org.graylog2.database.MongoCollections;
-import org.graylog2.database.MongoConnection;
 import org.graylog2.database.NotFoundException;
 import org.graylog2.plugin.cluster.ClusterConfigService;
 import org.graylog2.plugin.streams.Stream;
@@ -111,13 +109,13 @@ public void setUp(MongoCollections mongoCollections) throws IOException {
         ViewFacadeTest.TestViewService viewService = new ViewFacadeTest.TestViewService(null, mongoCollections);
         ViewFacadeTest.TestViewSummaryService viewSummaryService = new ViewFacadeTest.TestViewSummaryService(mongoCollections);
         UserService userService = mock(UserService.class);
-        EntityRegistrar entityRegistrar = mock(EntityRegistrar.class);
+        EntityGrantLookup grantLookup = mock(EntityGrantLookup.class);
         final UserImpl fakeUser = new UserImpl(mock(PasswordAlgorithmFactory.class), new Permissions(ImmutableSet.of()),
                 mock(ClusterConfigService.class), new ObjectMapperProvider().get(), ImmutableMap.of("username", "testuser"));
         when(userService.load("testuser")).thenReturn(fakeUser);
         final DashboardWidgetConverter dashboardWidgetConverter = new DashboardWidgetConverter();
         final EntityConverter entityConverter = new EntityConverter(dashboardWidgetConverter);
-        DashboardV1Facade facade = new DashboardV1Facade(objectMapper, searchDbService, entityConverter, viewService, viewSummaryService, userService, entityRegistrar);
+        DashboardV1Facade facade = new DashboardV1Facade(objectMapper, searchDbService, entityConverter, viewService, viewSummaryService, userService, grantLookup);
         final URL resourceUrl = Resources.getResource(DashboardV1Facade.class, "content-pack-dashboard-v1.json");
         final ContentPack contentPack = objectMapper.readValue(resourceUrl, ContentPack.class);
         assertThat(contentPack).isInstanceOf(ContentPackV1.class);