1
|
/**
|
2
|
* Copyright (C) 2009 EDIT
|
3
|
* European Distributed Institute of Taxonomy
|
4
|
* http://www.e-taxonomy.eu
|
5
|
*
|
6
|
* The contents of this file are subject to the Mozilla Public License Version 1.1
|
7
|
* See LICENSE.TXT at the top of this package for the full license terms.
|
8
|
*/
|
9
|
|
10
|
package eu.etaxonomy.cdm.persistence.hibernate;
|
11
|
|
12
|
import org.apache.log4j.Logger;
|
13
|
import org.hibernate.HibernateException;
|
14
|
import org.hibernate.event.SaveOrUpdateEvent;
|
15
|
import org.hibernate.event.SaveOrUpdateEventListener;
|
16
|
import org.joda.time.DateTime;
|
17
|
import org.springframework.security.core.Authentication;
|
18
|
import org.springframework.security.core.GrantedAuthority;
|
19
|
import org.springframework.security.core.context.SecurityContextHolder;
|
20
|
|
21
|
import eu.etaxonomy.cdm.database.EvaluationFailedException;
|
22
|
import eu.etaxonomy.cdm.model.common.ICdmBase;
|
23
|
import eu.etaxonomy.cdm.model.common.User;
|
24
|
import eu.etaxonomy.cdm.permission.AuthorityPermission;
|
25
|
import eu.etaxonomy.cdm.permission.CdmPermission;
|
26
|
import eu.etaxonomy.cdm.permission.CdmPermissionEvaluator;
|
27
|
|
28
|
public class SaveEntityListener implements SaveOrUpdateEventListener {
|
29
|
private static final long serialVersionUID = -4295612947856041686L;
|
30
|
@SuppressWarnings("unused")
|
31
|
private static final Logger logger = Logger.getLogger(SaveEntityListener.class);
|
32
|
|
33
|
public void onSaveOrUpdate(SaveOrUpdateEvent event) throws HibernateException {
|
34
|
Object entity = event.getObject();
|
35
|
//System.err.println("SaveEntityListener" + event.getEntityName()+ event.getEntity().getClass());
|
36
|
if (entity != null){
|
37
|
Class<?> entityClazz = entity.getClass();
|
38
|
if(ICdmBase.class.isAssignableFrom(entityClazz)) {
|
39
|
ICdmBase cdmBase = (ICdmBase)entity;
|
40
|
cdmBase.setCreated(new DateTime());
|
41
|
|
42
|
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
43
|
if(authentication != null && authentication.getPrincipal() != null && authentication.getPrincipal() instanceof User) {
|
44
|
User user = (User)authentication.getPrincipal();
|
45
|
cdmBase.setCreatedBy(user);
|
46
|
CdmPermissionEvaluator permissionEvaluator = new CdmPermissionEvaluator();
|
47
|
System.err.println(cdmBase.getClass().toString());
|
48
|
for (GrantedAuthority authority:((User)SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getAuthorities()){
|
49
|
System.err.println(authority.getAuthority());
|
50
|
}
|
51
|
if (!permissionEvaluator.hasPermission(SecurityContextHolder.getContext().getAuthentication(), entity, CdmPermission.CREATE)){
|
52
|
System.err.println(entity );
|
53
|
for (GrantedAuthority authority:((User)SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getAuthorities()){
|
54
|
System.err.println(authority.getAuthority());
|
55
|
}
|
56
|
throw new EvaluationFailedException("Permission evaluation failed for " + event.getEntity());
|
57
|
}
|
58
|
|
59
|
}
|
60
|
}
|
61
|
}
|
62
|
}
|
63
|
}
|