Revision 126347d2
Added by Andreas Kohlbecker over 6 years ago
| cdmlib-services/src/main/java/eu/etaxonomy/cdm/api/application/FirstDataInserter.java | ||
|---|---|---|
| 9 | 9 |
package eu.etaxonomy.cdm.api.application; |
| 10 | 10 |
|
| 11 | 11 |
import java.util.Arrays; |
| 12 |
import java.util.EnumSet; |
|
| 12 | 13 |
import java.util.HashSet; |
| 13 | 14 |
import java.util.List; |
| 14 | 15 |
import java.util.Set; |
| ... | ... | |
| 36 | 37 |
import eu.etaxonomy.cdm.model.common.Group; |
| 37 | 38 |
import eu.etaxonomy.cdm.model.common.User; |
| 38 | 39 |
import eu.etaxonomy.cdm.model.metadata.CdmMetaData; |
| 40 |
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD; |
|
| 41 |
import eu.etaxonomy.cdm.persistence.hibernate.permission.CdmAuthority; |
|
| 42 |
import eu.etaxonomy.cdm.persistence.hibernate.permission.CdmPermissionClass; |
|
| 39 | 43 |
import eu.etaxonomy.cdm.persistence.hibernate.permission.Role; |
| 40 | 44 |
import eu.etaxonomy.cdm.persistence.query.OrderHint; |
| 41 | 45 |
|
| ... | ... | |
| 67 | 71 |
//@RunAs("ROLE_ADMIN") // seems to be broken in spring see: https://jira.springsource.org/browse/SEC-1671
|
| 68 | 72 |
public class FirstDataInserter extends AbstractDataInserter {
|
| 69 | 73 |
|
| 74 |
/** |
|
| 75 |
* |
|
| 76 |
*/ |
|
| 77 |
private static final EnumSet<CRUD> CREATE_READ = EnumSet.of(CRUD.CREATE, CRUD.READ); |
|
| 78 |
private static final EnumSet<CRUD> UPDATE_DELETE = EnumSet.of(CRUD.UPDATE, CRUD.DELETE); |
|
| 79 |
private static final EnumSet<CRUD> CREATE_READ_UPDATE = EnumSet.of(CRUD.CREATE, CRUD.READ, CRUD.UPDATE); |
|
| 80 |
private static final EnumSet<CRUD> CREATE_READ_UPDATE_DELETE = EnumSet.of(CRUD.CREATE, CRUD.READ, CRUD.UPDATE, CRUD.DELETE); |
|
| 81 |
|
|
| 70 | 82 |
public static final Logger logger = Logger.getLogger(FirstDataInserter.class); |
| 71 | 83 |
|
| 72 | 84 |
public static final String[] EDITOR_GROUP_AUTHORITIES = new String[]{
|
| 73 |
"REFERENCE.[CREATE,READ]", |
|
| 74 |
"TAXONNAME.[CREATE,READ,UPDATE]", |
|
| 75 |
"TEAMORPERSONBASE.[CREATE,READ]", |
|
| 76 |
"TAXONBASE.[CREATE,UPDATE,DELETE,READ]", |
|
| 77 |
"DESCRIPTIONBASE.[CREATE,UPDATE,DELETE,READ]", |
|
| 78 |
"DESCRIPTIONELEMENTBASE.[CREATE,UPDATE,DELETE,READ]", |
|
| 85 |
new CdmAuthority(CdmPermissionClass.REFERENCE, CREATE_READ).toString(), |
|
| 86 |
new CdmAuthority(CdmPermissionClass.TAXONNAME, CREATE_READ_UPDATE).toString(), |
|
| 87 |
new CdmAuthority(CdmPermissionClass.TEAMORPERSONBASE, CREATE_READ).toString(), |
|
| 88 |
new CdmAuthority(CdmPermissionClass.TAXONBASE, CREATE_READ_UPDATE_DELETE).toString(), |
|
| 89 |
new CdmAuthority(CdmPermissionClass.DESCRIPTIONBASE, CREATE_READ_UPDATE_DELETE).toString(), |
|
| 90 |
new CdmAuthority(CdmPermissionClass.DESCRIPTIONELEMENTBASE, CREATE_READ_UPDATE_DELETE).toString(), |
|
| 91 |
new CdmAuthority(CdmPermissionClass.TYPEDESIGNATIONBASE, CREATE_READ_UPDATE_DELETE).toString(), |
|
| 79 | 92 |
}; |
| 80 | 93 |
|
| 81 | 94 |
public static final String[] PROJECT_MANAGER_GROUP_AUTHORITIES = new String[]{
|
| 82 |
"REFERENCE.[UPDATE,DELETE]",
|
|
| 83 |
"TAXONNAME.[DELETE]",
|
|
| 84 |
"TEAMORPERSONBASE.[UPDATE,DELETE]",
|
|
| 95 |
new CdmAuthority(CdmPermissionClass.REFERENCE, UPDATE_DELETE).toString(),
|
|
| 96 |
new CdmAuthority(CdmPermissionClass.TAXONNAME, EnumSet.of(CRUD.DELETE)).toString(),
|
|
| 97 |
new CdmAuthority(CdmPermissionClass.TEAMORPERSONBASE, UPDATE_DELETE).toString(),
|
|
| 85 | 98 |
Role.ROLE_PROJECT_MANAGER.toString(), |
| 86 | 99 |
}; |
| 87 | 100 |
|
Also available in: Unified diff
ref #7016 implementing TypeDesignationVoter and more robust permissions: