in server/src/main/java/com/epam/aidial/core/server/service/ShareService.java [295:337]
public void revokeSharedAccess(
String bucket, String location, Map<ResourceDescriptor, Set<ResourceAccessType>> permissionsToRevoke) {
if (permissionsToRevoke.isEmpty()) {
throw new IllegalArgumentException("No resources provided");
}
// validate that all resources belong to the user, who perform this action
permissionsToRevoke.forEach((resource, permissions) -> {
if (!resource.getBucketName().equals(bucket)) {
throw new IllegalArgumentException("You are only allowed to revoke access from own resources");
}
});
permissionsToRevoke.forEach((resource, permissionsToRemove) -> {
ResourceType resourceType = resource.getType();
String resourceUrl = resource.getUrl();
ResourceDescriptor sharedByMeResource = getShareResource(ResourceTypes.SHARED_BY_ME, resourceType, bucket, location);
String state = resourceService.getResource(sharedByMeResource);
SharedByMeDto dto = ProxyUtil.convertToObject(state, SharedByMeDto.class);
if (dto != null) {
Set<String> userLocations = dto.collectUsersForPermissions(resourceUrl, permissionsToRemove);
// if userLocations is empty - this means that provided resource wasn't shared
if (userLocations.isEmpty()) {
return;
}
userLocations.forEach(user -> {
String userBucket = encryptionService.encrypt(user);
removeSharedResourcePermissions(userBucket, user, resourceUrl, resourceType, permissionsToRemove);
});
resourceService.computeResource(sharedByMeResource, ownerState -> {
SharedByMeDto sharedByMeDto = ProxyUtil.convertToObject(state, SharedByMeDto.class);
if (sharedByMeDto != null) {
sharedByMeDto.removePermissionsFromResource(resourceUrl, permissionsToRemove);
}
return ProxyUtil.convertToString(sharedByMeDto);
});
}
});
}