Revision 51cc6f53
Added by Andreas Kohlbecker over 5 years ago
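--- a/cdmlib-services/src/main/java/eu/etaxonomy/cdm/api/service/registration/RegistrationWorkingSetService.java
+++ b/cdmlib-services/src/main/java/eu/etaxonomy/cdm/api/service/registration/RegistrationWorkingSetService.java
@@ -20,6 +20,8 @@
 
 import org.apache.log4j.Logger;
 import org.hibernate.Hibernate;
+import org.joda.time.DateTime;
+import org.joda.time.Partial;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.stereotype.Service;
@@ -31,6 +33,8 @@
 import eu.etaxonomy.cdm.api.service.exception.RegistrationValidationException;
 import eu.etaxonomy.cdm.api.service.pager.Pager;
 import eu.etaxonomy.cdm.api.service.pager.impl.DefaultPagerImpl;
+import eu.etaxonomy.cdm.api.utility.UserHelper;
+import eu.etaxonomy.cdm.database.PermissionDeniedException;
 import eu.etaxonomy.cdm.hibernate.HibernateProxyHelper;
 import eu.etaxonomy.cdm.model.common.User;
 import eu.etaxonomy.cdm.model.name.Registration;
@@ -44,6 +48,7 @@
 import eu.etaxonomy.cdm.model.reference.Reference;
 import eu.etaxonomy.cdm.model.reference.ReferenceType;
 import eu.etaxonomy.cdm.persistence.dao.initializer.IBeanInitializer;
+import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;
 import eu.etaxonomy.cdm.persistence.query.MatchMode;
 import eu.etaxonomy.cdm.persistence.query.OrderHint;
 import eu.etaxonomy.cdm.persistence.query.OrderHint.SortOrder;
@@ -142,6 +147,9 @@
 @Qualifier("cdmRepository")
 private CdmRepository repo;
 
+@Autowired
+private UserHelper userHelper;
+
 @Autowired
 protected IBeanInitializer defaultBeanInitializer;
 
@@ -270,13 +278,15 @@
 * @throws RegistrationValidationException
 */
 @Override
-public RegistrationWorkingSet loadWorkingSetByReferenceUuid(UUID referenceUuid, boolean resolveSections) throws RegistrationValidationException {
+public RegistrationWorkingSet loadWorkingSetByReferenceUuid(UUID referenceUuid, boolean resolveSections) throws RegistrationValidationException, PermissionDeniedException {
 
 Reference reference = repo.getReferenceService().load(referenceUuid); // needed to use load to avoid the problem described in #7331
 if(resolveSections){
 reference = resolveSection(reference);
 }
 
+checkPermissions(reference);
+
 Pager<Registration> pager = repo.getRegistrationService().page(Optional.of(reference), null, null, null, REGISTRATION_DTO_INIT_STRATEGY);
 
 /* for debugging https://dev.e-taxonomy.eu/redmine/issues/7331 */
@@ -285,6 +295,59 @@
 }
 
 
+/**
+* @param reference
+*/
+private void checkPermissions(Reference reference) throws PermissionDeniedException {
+
+boolean permissionDenied = isPermissionDenied(reference);
+if(permissionDenied) {
+throw new PermissionDeniedException("Access to the workingset is denied for the current user.");
+}
+}
+
+
+/**
+* @param reference
+* @return
+*/
+public boolean isPermissionDenied(Reference reference) {
+boolean permissionDenied = false;
+if(!checkReferencePublished(reference)){
+permissionDenied = !userHelper.userHasPermission(reference, CRUD.UPDATE);
+}
+return permissionDenied;
+}
+
+
+/**
+* @param reference
+* @return
+*/
+public boolean checkReferencePublished(Reference reference) {
+
+if(reference.getDatePublished() == null){
+return false;
+}
+Partial pubPartial = null;
+if(reference.getDatePublished().getStart() != null){
+pubPartial = reference.getDatePublished().getStart();
+} else {
+pubPartial = reference.getDatePublished().getEnd();
+}
+if(pubPartial == null){
+return !reference.getDatePublished().getFreeText().isEmpty();
+}
+
+DateTime nowLocal = new DateTime();
+//LocalDateTime nowUTC = nowLocal.withZone(DateTimeZone.UTC).toLocalDateTime();
+
+DateTime pubDateTime = pubPartial.toDateTime(null);
+return nowLocal.isAfter(pubDateTime);
+
+}
+
+
 /**
 * @param reference
 * @return
@@ -302,12 +365,15 @@
 * @throws RegistrationValidationException
 */
 @Override
-public RegistrationWorkingSet loadWorkingSetByReferenceID(Integer referenceID, boolean resolveSections) throws RegistrationValidationException {
+public RegistrationWorkingSet loadWorkingSetByReferenceID(Integer referenceID, boolean resolveSections) throws RegistrationValidationException, PermissionDeniedException {
 
 Reference reference = repo.getReferenceService().find(referenceID);
 if(resolveSections){
 reference = resolveSection(reference);
 }
+
+checkPermissions(reference);
+
 repo.getReferenceService().load(reference.getUuid()); // needed to avoid the problem described in #7331
 
 Pager<Registration> pager = repo.getRegistrationService().page(Optional.of(reference), null, null, null, REGISTRATION_DTO_INIT_STRATEGY);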
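Review bot: In `checkReferencePublished`, the free-text fallback `return !reference.getDatePublished().getFreeText().isEmpty();` makes the access decision fail open: a reference whose publication date has neither start nor end but any non-empty free text is treated as published, so `isPermissionDenied` never reaches the `CRUD.UPDATE` check for it. The same line would presumably throw a NullPointerException if `getFreeText()` can return null, which is not visible here. For an authorization gate the safer default is to treat an unparseable date as unpublished, `if(pubPartial == null){ return false; }`, or at minimum to make the test null-safe. The empty Javadoc on the two new public methods should state the rule being enforced (published references are readable by any user, unpublished ones require UPDATE on the reference) and note that `pubPartial.toDateTime(null)` fills missing fields from the current instant, which is worth confirming for year-only dates.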
ref #7833 permission checking in RegistrationWorkingSetService