20 |
20 |
|
21 |
21 |
import org.apache.log4j.Logger;
|
22 |
22 |
import org.hibernate.Hibernate;
|
|
23 |
import org.joda.time.DateTime;
|
|
24 |
import org.joda.time.Partial;
|
23 |
25 |
import org.springframework.beans.factory.annotation.Autowired;
|
24 |
26 |
import org.springframework.beans.factory.annotation.Qualifier;
|
25 |
27 |
import org.springframework.stereotype.Service;
|
... | ... | |
31 |
33 |
import eu.etaxonomy.cdm.api.service.exception.RegistrationValidationException;
|
32 |
34 |
import eu.etaxonomy.cdm.api.service.pager.Pager;
|
33 |
35 |
import eu.etaxonomy.cdm.api.service.pager.impl.DefaultPagerImpl;
|
|
36 |
import eu.etaxonomy.cdm.api.utility.UserHelper;
|
|
37 |
import eu.etaxonomy.cdm.database.PermissionDeniedException;
|
34 |
38 |
import eu.etaxonomy.cdm.hibernate.HibernateProxyHelper;
|
35 |
39 |
import eu.etaxonomy.cdm.model.common.User;
|
36 |
40 |
import eu.etaxonomy.cdm.model.name.Registration;
|
... | ... | |
44 |
48 |
import eu.etaxonomy.cdm.model.reference.Reference;
|
45 |
49 |
import eu.etaxonomy.cdm.model.reference.ReferenceType;
|
46 |
50 |
import eu.etaxonomy.cdm.persistence.dao.initializer.IBeanInitializer;
|
|
51 |
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;
|
47 |
52 |
import eu.etaxonomy.cdm.persistence.query.MatchMode;
|
48 |
53 |
import eu.etaxonomy.cdm.persistence.query.OrderHint;
|
49 |
54 |
import eu.etaxonomy.cdm.persistence.query.OrderHint.SortOrder;
|
... | ... | |
142 |
147 |
@Qualifier("cdmRepository")
|
143 |
148 |
private CdmRepository repo;
|
144 |
149 |
|
|
150 |
@Autowired
|
|
151 |
private UserHelper userHelper;
|
|
152 |
|
145 |
153 |
@Autowired
|
146 |
154 |
protected IBeanInitializer defaultBeanInitializer;
|
147 |
155 |
|
... | ... | |
270 |
278 |
* @throws RegistrationValidationException
|
271 |
279 |
*/
|
272 |
280 |
@Override
|
273 |
|
public RegistrationWorkingSet loadWorkingSetByReferenceUuid(UUID referenceUuid, boolean resolveSections) throws RegistrationValidationException {
|
|
281 |
public RegistrationWorkingSet loadWorkingSetByReferenceUuid(UUID referenceUuid, boolean resolveSections) throws RegistrationValidationException, PermissionDeniedException {
|
274 |
282 |
|
275 |
283 |
Reference reference = repo.getReferenceService().load(referenceUuid); // needed to use load to avoid the problem described in #7331
|
276 |
284 |
if(resolveSections){
|
277 |
285 |
reference = resolveSection(reference);
|
278 |
286 |
}
|
279 |
287 |
|
|
288 |
checkPermissions(reference);
|
|
289 |
|
280 |
290 |
Pager<Registration> pager = repo.getRegistrationService().page(Optional.of(reference), null, null, null, REGISTRATION_DTO_INIT_STRATEGY);
|
281 |
291 |
|
282 |
292 |
/* for debugging https://dev.e-taxonomy.eu/redmine/issues/7331 */
|
... | ... | |
285 |
295 |
}
|
286 |
296 |
|
287 |
297 |
|
|
298 |
/**
|
|
299 |
* @param reference
|
|
300 |
*/
|
|
301 |
private void checkPermissions(Reference reference) throws PermissionDeniedException {
|
|
302 |
|
|
303 |
boolean permissionDenied = isPermissionDenied(reference);
|
|
304 |
if(permissionDenied) {
|
|
305 |
throw new PermissionDeniedException("Access to the workingset is denied for the current user.");
|
|
306 |
}
|
|
307 |
}
|
|
308 |
|
|
309 |
|
|
310 |
/**
|
|
311 |
* @param reference
|
|
312 |
* @return
|
|
313 |
*/
|
|
314 |
public boolean isPermissionDenied(Reference reference) {
|
|
315 |
boolean permissionDenied = false;
|
|
316 |
if(!checkReferencePublished(reference)){
|
|
317 |
permissionDenied = !userHelper.userHasPermission(reference, CRUD.UPDATE);
|
|
318 |
}
|
|
319 |
return permissionDenied;
|
|
320 |
}
|
|
321 |
|
|
322 |
|
|
323 |
/**
|
|
324 |
* @param reference
|
|
325 |
* @return
|
|
326 |
*/
|
|
327 |
public boolean checkReferencePublished(Reference reference) {
|
|
328 |
|
|
329 |
if(reference.getDatePublished() == null){
|
|
330 |
return false;
|
|
331 |
}
|
|
332 |
Partial pubPartial = null;
|
|
333 |
if(reference.getDatePublished().getStart() != null){
|
|
334 |
pubPartial = reference.getDatePublished().getStart();
|
|
335 |
} else {
|
|
336 |
pubPartial = reference.getDatePublished().getEnd();
|
|
337 |
}
|
|
338 |
if(pubPartial == null){
|
|
339 |
return !reference.getDatePublished().getFreeText().isEmpty();
|
|
340 |
}
|
|
341 |
|
|
342 |
DateTime nowLocal = new DateTime();
|
|
343 |
//LocalDateTime nowUTC = nowLocal.withZone(DateTimeZone.UTC).toLocalDateTime();
|
|
344 |
|
|
345 |
DateTime pubDateTime = pubPartial.toDateTime(null);
|
|
346 |
return nowLocal.isAfter(pubDateTime);
|
|
347 |
|
|
348 |
}
|
|
349 |
|
|
350 |
|
288 |
351 |
/**
|
289 |
352 |
* @param reference
|
290 |
353 |
* @return
|
... | ... | |
302 |
365 |
* @throws RegistrationValidationException
|
303 |
366 |
*/
|
304 |
367 |
@Override
|
305 |
|
public RegistrationWorkingSet loadWorkingSetByReferenceID(Integer referenceID, boolean resolveSections) throws RegistrationValidationException {
|
|
368 |
public RegistrationWorkingSet loadWorkingSetByReferenceID(Integer referenceID, boolean resolveSections) throws RegistrationValidationException, PermissionDeniedException {
|
306 |
369 |
|
307 |
370 |
Reference reference = repo.getReferenceService().find(referenceID);
|
308 |
371 |
if(resolveSections){
|
309 |
372 |
reference = resolveSection(reference);
|
310 |
373 |
}
|
|
374 |
|
|
375 |
checkPermissions(reference);
|
|
376 |
|
311 |
377 |
repo.getReferenceService().load(reference.getUuid()); // needed to avoid the problem described in #7331
|
312 |
378 |
|
313 |
379 |
Pager<Registration> pager = repo.getRegistrationService().page(Optional.of(reference), null, null, null, REGISTRATION_DTO_INIT_STRATEGY);
|
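Review bot: In `checkReferencePublished`, a reference whose `datePublished` has neither start nor end counts as published whenever its free text is non-empty, so `isPermissionDenied` never reaches the `CRUD.UPDATE` check for it; free text is not a date (it could just as well say the work is still in press), which makes this branch fail open. Failing closed with `return false;` when `pubPartial == null` would be safer; if the free-text rule is intended, at least guard it with `String freeText = reference.getDatePublished().getFreeText(); return freeText != null && !freeText.isEmpty();`, because `getFreeText()` can presumably return null and would then throw instead of denying. Separately, `pubPartial.toDateTime(null)` fills the fields the partial lacks from the current instant, so a year-only date in the current year resolves to roughly now and `nowLocal.isAfter(pubDateTime)` is normally false. That denial is fail-closed but looks accidental, so a comment such as `// partial dates in the current year/month are treated as unpublished` or a comparison on the partial's own fields would make the intent explicit. The same check now guards `loadWorkingSetByReferenceID`, whose body continues outside the visible hunk.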
ref #7833 permission checking in RegistrationWorkingSetService