|
1
|
package eu.etaxonomy.cdm.persistence.hibernate;
|
|
2
|
|
|
3
|
import org.hibernate.HibernateException;
|
|
4
|
import org.hibernate.event.SaveOrUpdateEvent;
|
|
5
|
import org.hibernate.event.SaveOrUpdateEventListener;
|
|
6
|
import org.joda.time.DateTime;
|
|
7
|
import org.springframework.security.core.Authentication;
|
|
8
|
import org.springframework.security.core.context.SecurityContextHolder;
|
|
9
|
|
|
10
|
import eu.etaxonomy.cdm.database.EvaluationFailedException;
|
|
11
|
import eu.etaxonomy.cdm.model.common.CdmBase;
|
|
12
|
import eu.etaxonomy.cdm.model.common.User;
|
|
13
|
import eu.etaxonomy.cdm.model.common.VersionableEntity;
|
|
14
|
import eu.etaxonomy.cdm.model.description.DescriptionBase;
|
|
15
|
import eu.etaxonomy.cdm.model.description.SpecimenDescription;
|
|
16
|
import eu.etaxonomy.cdm.model.description.TaxonDescription;
|
|
17
|
import eu.etaxonomy.cdm.model.description.TaxonNameDescription;
|
|
18
|
import eu.etaxonomy.cdm.model.name.TaxonNameBase;
|
|
19
|
import eu.etaxonomy.cdm.model.taxon.Taxon;
|
|
20
|
import eu.etaxonomy.cdm.permission.CdmPermission;
|
|
21
|
import eu.etaxonomy.cdm.permission.CdmPermissionEvaluator;
|
|
22
|
|
|
23
|
public class SaveOrUpdateEntityListener implements SaveOrUpdateEventListener {
|
|
24
|
|
|
25
|
public void onSaveOrUpdate(SaveOrUpdateEvent event)
|
|
26
|
throws HibernateException {
|
|
27
|
//System.err.println("SaveOrUpdateListener" + event.getEntity().getClass());
|
|
28
|
Object entity = event.getObject();
|
|
29
|
if(entity != null && CdmBase.class.isAssignableFrom(entity.getClass())){
|
|
30
|
|
|
31
|
CdmPermissionEvaluator permissionEvaluator = new CdmPermissionEvaluator();
|
|
32
|
|
|
33
|
if (VersionableEntity.class.isAssignableFrom(entity.getClass())) {
|
|
34
|
VersionableEntity versionableEntity = (VersionableEntity)entity;
|
|
35
|
if (versionableEntity.getId()== 0){
|
|
36
|
|
|
37
|
versionableEntity.setUpdated(new DateTime());
|
|
38
|
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
|
39
|
if(authentication != null && authentication.getPrincipal() != null && authentication.getPrincipal() instanceof User) {
|
|
40
|
User user = (User)authentication.getPrincipal();
|
|
41
|
versionableEntity.setUpdatedBy(user);
|
|
42
|
}
|
|
43
|
if (SecurityContextHolder.getContext().getAuthentication()!= null){
|
|
44
|
|
|
45
|
if (!permissionEvaluator.hasPermission(SecurityContextHolder.getContext().getAuthentication(), entity, CdmPermission.CREATE)){
|
|
46
|
if (entity instanceof SpecimenDescription){
|
|
47
|
//TODO
|
|
48
|
}else if (entity instanceof TaxonDescription){
|
|
49
|
TaxonDescription taxonDescription = (TaxonDescription) entity;
|
|
50
|
Taxon taxon = taxonDescription.getTaxon();
|
|
51
|
permissionEvaluator.hasPermission(SecurityContextHolder.getContext().getAuthentication(), taxon, CdmPermission.UPDATE);
|
|
52
|
} else if (entity instanceof TaxonNameDescription){
|
|
53
|
TaxonNameDescription taxonNameDescription = (TaxonNameDescription) entity;
|
|
54
|
TaxonNameBase taxonName = taxonNameDescription.getTaxonName();
|
|
55
|
permissionEvaluator.hasPermission(SecurityContextHolder.getContext().getAuthentication(), taxonName, CdmPermission.UPDATE);
|
|
56
|
} else{
|
|
57
|
throw new EvaluationFailedException("Permission evaluation failed for " + event.getEntity());
|
|
58
|
}
|
|
59
|
}
|
|
60
|
}
|
|
61
|
}else{
|
|
62
|
if (SecurityContextHolder.getContext().getAuthentication()!= null){
|
|
63
|
|
|
64
|
if (!permissionEvaluator.hasPermission(SecurityContextHolder.getContext().getAuthentication(), entity, CdmPermission.UPDATE)){
|
|
65
|
throw new EvaluationFailedException("Permission evaluation failed for " + event.getEntity());
|
|
66
|
}
|
|
67
|
}
|
|
68
|
}
|
|
69
|
}
|
|
70
|
}
|
|
71
|
}
|
|
72
|
|
|
73
|
}
|