Project

General

Profile

« Previous | Next » 

Revision 51cc6f53

Added by Andreas Kohlbecker over 5 years ago

ref #7833 permission checking in RegistrationWorkingSetService

View differences:

cdmlib-services/src/main/java/eu/etaxonomy/cdm/api/service/registration/IRegistrationWorkingSetService.java
18 18 
import eu.etaxonomy.cdm.api.service.dto.RegistrationWorkingSet;
19 19 
import eu.etaxonomy.cdm.api.service.exception.RegistrationValidationException;
20 20 
import eu.etaxonomy.cdm.api.service.pager.Pager;
21 
import eu.etaxonomy.cdm.database.PermissionDeniedException;
21 22 
import eu.etaxonomy.cdm.model.common.User;
22 23 
import eu.etaxonomy.cdm.model.name.Registration;
23 24 
import eu.etaxonomy.cdm.model.name.RegistrationStatus;
......
55 56 
     *
56 57 
     * @return
57 58 
     */
59 
    @Deprecated
58 60 
    public RegistrationWorkingSet loadWorkingSetByReferenceID(Integer referenceID, boolean resolveSections) throws RegistrationValidationException;
59 61 

  		




  60
  62
  
    
    /**


  		




  ......




  63
  65
  
    
     *  use the inReference which is the journal article.


  		




  64
  66
  
    
     * @return


  		




  65
  67
  
    
     */


  		




  66
  
  
    
    public RegistrationWorkingSet loadWorkingSetByReferenceUuid(UUID referenceUuid, boolean resolveSections) throws RegistrationValidationException;


  		




  
  68
  
    
    public RegistrationWorkingSet loadWorkingSetByReferenceUuid(UUID referenceUuid, boolean resolveSections) throws RegistrationValidationException, PermissionDeniedException;


  		




  67
  69
  
    

  		




  68
  70
  
    
    public Set<RegistrationDTO> loadBlockingRegistrations(UUID blockedRegistrationUuid);


  		




  69
  71
  
    

  		












  

    
      cdmlib-services/src/main/java/eu/etaxonomy/cdm/api/service/registration/RegistrationWorkingSetService.java
    
  





  20
  20
  
    

  		




  21
  21
  
    
import org.apache.log4j.Logger;


  		




  22
  22
  
    
import org.hibernate.Hibernate;


  		




  
  23
  
    
import org.joda.time.DateTime;


  		




  
  24
  
    
import org.joda.time.Partial;


  		




  23
  25
  
    
import org.springframework.beans.factory.annotation.Autowired;


  		




  24
  26
  
    
import org.springframework.beans.factory.annotation.Qualifier;


  		




  25
  27
  
    
import org.springframework.stereotype.Service;


  		




  ......




  31
  33
  
    
import eu.etaxonomy.cdm.api.service.exception.RegistrationValidationException;


  		




  32
  34
  
    
import eu.etaxonomy.cdm.api.service.pager.Pager;


  		




  33
  35
  
    
import eu.etaxonomy.cdm.api.service.pager.impl.DefaultPagerImpl;


  		




  
  36
  
    
import eu.etaxonomy.cdm.api.utility.UserHelper;


  		




  
  37
  
    
import eu.etaxonomy.cdm.database.PermissionDeniedException;


  		




  34
  38
  
    
import eu.etaxonomy.cdm.hibernate.HibernateProxyHelper;


  		




  35
  39
  
    
import eu.etaxonomy.cdm.model.common.User;


  		




  36
  40
  
    
import eu.etaxonomy.cdm.model.name.Registration;


  		




  ......




  44
  48
  
    
import eu.etaxonomy.cdm.model.reference.Reference;


  		




  45
  49
  
    
import eu.etaxonomy.cdm.model.reference.ReferenceType;


  		




  46
  50
  
    
import eu.etaxonomy.cdm.persistence.dao.initializer.IBeanInitializer;


  		




  
  51
  
    
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;


  		




  47
  52
  
    
import eu.etaxonomy.cdm.persistence.query.MatchMode;


  		




  48
  53
  
    
import eu.etaxonomy.cdm.persistence.query.OrderHint;


  		




  49
  54
  
    
import eu.etaxonomy.cdm.persistence.query.OrderHint.SortOrder;


  		




  ......




  142
  147
  
    
    @Qualifier("cdmRepository")


  		




  143
  148
  
    
    private CdmRepository repo;


  		




  144
  149
  
    

  		




  
  150
  
    
    @Autowired


  		




  
  151
  
    
    private UserHelper userHelper;


  		




  
  152
  
    

  		




  145
  153
  
    
    @Autowired


  		




  146
  154
  
    
    protected IBeanInitializer defaultBeanInitializer;


  		




  147
  155
  
    

  		




  ......




  270
  278
  
    
     * @throws RegistrationValidationException


  		




  271
  279
  
    
     */


  		




  272
  280
  
    
    @Override


  		




  273
  
  
    
    public RegistrationWorkingSet loadWorkingSetByReferenceUuid(UUID referenceUuid, boolean resolveSections) throws RegistrationValidationException {


  		




  
  281
  
    
    public RegistrationWorkingSet loadWorkingSetByReferenceUuid(UUID referenceUuid, boolean resolveSections) throws RegistrationValidationException, PermissionDeniedException {


  		




  274
  282
  
    

  		




  275
  283
  
    
        Reference reference = repo.getReferenceService().load(referenceUuid); // needed to use load to avoid the problem described in #7331


  		




  276
  284
  
    
        if(resolveSections){


  		




  277
  285
  
    
            reference = resolveSection(reference);


  		




  278
  286
  
    
        }


  		




  279
  287
  
    

  		




  
  288
  
    
        checkPermissions(reference);


  		




  
  289
  
    

  		




  280
  290
  
    
        Pager<Registration> pager = repo.getRegistrationService().page(Optional.of(reference), null, null, null, REGISTRATION_DTO_INIT_STRATEGY);


  		




  281
  291
  
    

  		




  282
  292
  
    
        /* for debugging https://dev.e-taxonomy.eu/redmine/issues/7331 */


  		




  ......




  285
  295
  
    
    }


  		




  286
  296
  
    

  		




  287
  297
  
    

  		




  
  298
  
    
    /**


  		




  
  299
  
    
     * @param reference


  		




  
  300
  
    
     */


  		




  
  301
  
    
    private void checkPermissions(Reference reference) throws PermissionDeniedException {


  		




  
  302
  
    

  		




  
  303
  
    
        boolean permissionDenied = isPermissionDenied(reference);


  		




  
  304
  
    
        if(permissionDenied) {


  		




  
  305
  
    
            throw new PermissionDeniedException("Access to the workingset is denied for the current user.");


  		




  
  306
  
    
        }


  		




  
  307
  
    
    }


  		




  
  308
  
    

  		




  
  309
  
    

  		




  
  310
  
    
    /**


  		




  
  311
  
    
     * @param reference


  		




  
  312
  
    
     * @return


  		




  
  313
  
    
     */


  		




  
  314
  
    
    public boolean isPermissionDenied(Reference reference) {


  		




  
  315
  
    
        boolean permissionDenied = false;


  		




  
  316
  
    
        if(!checkReferencePublished(reference)){


  		




  
  317
  
    
            permissionDenied = !userHelper.userHasPermission(reference, CRUD.UPDATE);


  		




  
  318
  
    
        }


  		




  
  319
  
    
        return permissionDenied;


  		




  
  320
  
    
    }


  		




  
  321
  
    

  		




  
  322
  
    

  		




  
  323
  
    
    /**


  		




  
  324
  
    
     * @param reference


  		




  
  325
  
    
     * @return


  		




  
  326
  
    
     */


  		




  
  327
  
    
    public boolean checkReferencePublished(Reference reference) {


  		




  
  328
  
    

  		




  
  329
  
    
        if(reference.getDatePublished() == null){


  		




  
  330
  
    
            return false;


  		




  
  331
  
    
        }


  		




  
  332
  
    
        Partial pubPartial = null;


  		




  
  333
  
    
        if(reference.getDatePublished().getStart() != null){


  		




  
  334
  
    
            pubPartial = reference.getDatePublished().getStart();


  		




  
  335
  
    
        } else {


  		




  
  336
  
    
            pubPartial = reference.getDatePublished().getEnd();


  		




  
  337
  
    
        }


  		




  
  338
  
    
        if(pubPartial == null){


  		




  
  339
  
    
            return !reference.getDatePublished().getFreeText().isEmpty();


  		




  
  340
  
    
        }


  		




  
  341
  
    

  		




  
  342
  
    
        DateTime nowLocal = new DateTime();


  		




  
  343
  
    
        //LocalDateTime nowUTC = nowLocal.withZone(DateTimeZone.UTC).toLocalDateTime();


  		




  
  344
  
    

  		




  
  345
  
    
        DateTime pubDateTime = pubPartial.toDateTime(null);


  		




  
  346
  
    
        return nowLocal.isAfter(pubDateTime);


  		




  
  347
  
    

  		




  
  348
  
    
    }


  		




  
  349
  
    

  		




  
  350
  
    

  		




  288
  351
  
    
    /**


  		




  289
  352
  
    
     * @param reference


  		




  290
  353
  
    
     * @return


  		




  ......




  302
  365
  
    
     * @throws RegistrationValidationException


  		




  303
  366
  
    
     */


  		




  304
  367
  
    
    @Override


  		




  305
  
  
    
    public RegistrationWorkingSet loadWorkingSetByReferenceID(Integer referenceID, boolean resolveSections) throws RegistrationValidationException {


  		




  
  368
  
    
    public RegistrationWorkingSet loadWorkingSetByReferenceID(Integer referenceID, boolean resolveSections) throws RegistrationValidationException, PermissionDeniedException {


  		




  306
  369
  
    

  		




  307
  370
  
    
        Reference reference = repo.getReferenceService().find(referenceID);


  		




  308
  371
  
    
        if(resolveSections){


  		




  309
  372
  
    
            reference = resolveSection(reference);


  		




  310
  373
  
    
        }


  		




  
  374
  
    

  		




  
  375
  
    
        checkPermissions(reference);


  		




  
  376
  
    

  		




  311
  377
  
    
        repo.getReferenceService().load(reference.getUuid()); // needed to avoid the problem described in #7331


  		




  312
  378
  
    

  		




  313
  379
  
    
        Pager<Registration> pager = repo.getRegistrationService().page(Optional.of(reference), null, null, null, REGISTRATION_DTO_INIT_STRATEGY);


  		












Also available in:  Unified diff