Revision 126347d2
Added by Andreas Kohlbecker over 6 years ago
cdmlib-services/src/main/java/eu/etaxonomy/cdm/api/application/FirstDataInserter.java | ||
---|---|---|
9 | 9 |
package eu.etaxonomy.cdm.api.application; |
10 | 10 |
|
11 | 11 |
import java.util.Arrays; |
12 |
import java.util.EnumSet; |
|
12 | 13 |
import java.util.HashSet; |
13 | 14 |
import java.util.List; |
14 | 15 |
import java.util.Set; |
... | ... | |
36 | 37 |
import eu.etaxonomy.cdm.model.common.Group; |
37 | 38 |
import eu.etaxonomy.cdm.model.common.User; |
38 | 39 |
import eu.etaxonomy.cdm.model.metadata.CdmMetaData; |
40 |
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD; |
|
41 |
import eu.etaxonomy.cdm.persistence.hibernate.permission.CdmAuthority; |
|
42 |
import eu.etaxonomy.cdm.persistence.hibernate.permission.CdmPermissionClass; |
|
39 | 43 |
import eu.etaxonomy.cdm.persistence.hibernate.permission.Role; |
40 | 44 |
import eu.etaxonomy.cdm.persistence.query.OrderHint; |
41 | 45 |
|
... | ... | |
67 | 71 |
//@RunAs("ROLE_ADMIN") // seems to be broken in spring see: https://jira.springsource.org/browse/SEC-1671 |
68 | 72 |
public class FirstDataInserter extends AbstractDataInserter { |
69 | 73 |
|
74 |
/** |
|
75 |
* |
|
76 |
*/ |
|
77 |
private static final EnumSet<CRUD> CREATE_READ = EnumSet.of(CRUD.CREATE, CRUD.READ); |
|
78 |
private static final EnumSet<CRUD> UPDATE_DELETE = EnumSet.of(CRUD.UPDATE, CRUD.DELETE); |
|
79 |
private static final EnumSet<CRUD> CREATE_READ_UPDATE = EnumSet.of(CRUD.CREATE, CRUD.READ, CRUD.UPDATE); |
|
80 |
private static final EnumSet<CRUD> CREATE_READ_UPDATE_DELETE = EnumSet.of(CRUD.CREATE, CRUD.READ, CRUD.UPDATE, CRUD.DELETE); |
|
81 |
|
|
70 | 82 |
public static final Logger logger = Logger.getLogger(FirstDataInserter.class); |
71 | 83 |
|
72 | 84 |
public static final String[] EDITOR_GROUP_AUTHORITIES = new String[]{ |
73 |
"REFERENCE.[CREATE,READ]", |
|
74 |
"TAXONNAME.[CREATE,READ,UPDATE]", |
|
75 |
"TEAMORPERSONBASE.[CREATE,READ]", |
|
76 |
"TAXONBASE.[CREATE,UPDATE,DELETE,READ]", |
|
77 |
"DESCRIPTIONBASE.[CREATE,UPDATE,DELETE,READ]", |
|
78 |
"DESCRIPTIONELEMENTBASE.[CREATE,UPDATE,DELETE,READ]", |
|
85 |
new CdmAuthority(CdmPermissionClass.REFERENCE, CREATE_READ).toString(), |
|
86 |
new CdmAuthority(CdmPermissionClass.TAXONNAME, CREATE_READ_UPDATE).toString(), |
|
87 |
new CdmAuthority(CdmPermissionClass.TEAMORPERSONBASE, CREATE_READ).toString(), |
|
88 |
new CdmAuthority(CdmPermissionClass.TAXONBASE, CREATE_READ_UPDATE_DELETE).toString(), |
|
89 |
new CdmAuthority(CdmPermissionClass.DESCRIPTIONBASE, CREATE_READ_UPDATE_DELETE).toString(), |
|
90 |
new CdmAuthority(CdmPermissionClass.DESCRIPTIONELEMENTBASE, CREATE_READ_UPDATE_DELETE).toString(), |
|
91 |
new CdmAuthority(CdmPermissionClass.TYPEDESIGNATIONBASE, CREATE_READ_UPDATE_DELETE).toString(), |
|
79 | 92 |
}; |
80 | 93 |
|
81 | 94 |
public static final String[] PROJECT_MANAGER_GROUP_AUTHORITIES = new String[]{ |
82 |
"REFERENCE.[UPDATE,DELETE]",
|
|
83 |
"TAXONNAME.[DELETE]",
|
|
84 |
"TEAMORPERSONBASE.[UPDATE,DELETE]",
|
|
95 |
new CdmAuthority(CdmPermissionClass.REFERENCE, UPDATE_DELETE).toString(),
|
|
96 |
new CdmAuthority(CdmPermissionClass.TAXONNAME, EnumSet.of(CRUD.DELETE)).toString(),
|
|
97 |
new CdmAuthority(CdmPermissionClass.TEAMORPERSONBASE, UPDATE_DELETE).toString(),
|
|
85 | 98 |
Role.ROLE_PROJECT_MANAGER.toString(), |
86 | 99 |
}; |
87 | 100 |
|
Also available in: Unified diff
ref #7016 implementing TypeDesignationVoter and more robust permissions: