Revision 88249c56
Added by Andreas Kohlbecker over 6 years ago
cdmlib-persistence/src/main/java/eu/etaxonomy/cdm/persistence/hibernate/permission/voter/SpecimenOrObservationBaseVoter.java | ||
---|---|---|
8 | 8 |
*/ |
9 | 9 |
package eu.etaxonomy.cdm.persistence.hibernate.permission.voter; |
10 | 10 |
|
11 |
import java.util.Collection; |
|
12 |
import java.util.Set; |
|
13 |
import java.util.UUID; |
|
14 |
|
|
15 |
import org.springframework.security.access.ConfigAttribute; |
|
16 |
|
|
17 |
import eu.etaxonomy.cdm.hibernate.HibernateProxyHelper; |
|
11 | 18 |
import eu.etaxonomy.cdm.model.common.CdmBase; |
19 |
import eu.etaxonomy.cdm.model.occurrence.DerivedUnit; |
|
12 | 20 |
import eu.etaxonomy.cdm.model.occurrence.SpecimenOrObservationBase; |
21 |
import eu.etaxonomy.cdm.persistence.hibernate.permission.CdmAuthority; |
|
13 | 22 |
|
14 | 23 |
/** |
24 |
* see https://dev.e-taxonomy.eu/redmine/issues/7018 |
|
25 |
* |
|
15 | 26 |
* @author a.kohlbecker |
16 | 27 |
* @date Feb 24, 2014 |
17 | 28 |
* |
... | ... | |
26 | 37 |
return SpecimenOrObservationBase.class; |
27 | 38 |
} |
28 | 39 |
|
40 |
/* (non-Javadoc) |
|
41 |
* @see eu.etaxonomy.cdm.persistence.hibernate.permission.voter.CdmPermissionVoter#furtherVotingDescisions(org.springframework.security.core.Authentication, java.lang.Object, java.util.Collection, eu.etaxonomy.cdm.persistence.hibernate.permission.voter.TaxonBaseVoter.ValidationResult) |
|
42 |
*/ |
|
43 |
@Override |
|
44 |
protected Integer furtherVotingDescisions(CdmAuthority CdmAuthority, Object object, Collection<ConfigAttribute> attributes, |
|
45 |
ValidationResult validationResult) { |
|
46 |
|
|
47 |
boolean isUuidMatchInOriginals = CdmAuthority.hasTargetUuid() && propagateGrantsFromOriginal(CdmAuthority.getTargetUUID(), (SpecimenOrObservationBase)object); |
|
48 |
if ( isUuidMatchInOriginals && validationResult.isClassMatch && validationResult.isPermissionMatch){ |
|
49 |
logger.debug("permission, class and uuid in originals are matching => ACCESS_GRANTED"); |
|
50 |
return ACCESS_GRANTED; |
|
51 |
} |
|
52 |
return null; |
|
53 |
} |
|
54 |
|
|
55 |
/** |
|
56 |
* @param targetUuid |
|
57 |
* @param sob |
|
58 |
* @return |
|
59 |
*/ |
|
60 |
private boolean propagateGrantsFromOriginal(UUID targetUuid, SpecimenOrObservationBase<?> sob){ |
|
61 |
|
|
62 |
if (targetUuid.equals(sob.getUuid())) { |
|
63 |
return true; |
|
64 |
} else { |
|
65 |
if(sob instanceof DerivedUnit) { |
|
66 |
Set<SpecimenOrObservationBase> originals = HibernateProxyHelper.deproxy(sob, DerivedUnit.class).getOriginals(); |
|
67 |
if(originals.size() == 1){ |
|
68 |
SpecimenOrObservationBase original = originals.iterator().next(); |
|
69 |
return propagateGrantsFromOriginal(targetUuid, original); |
|
70 |
} |
|
71 |
} |
|
72 |
} |
|
73 |
return false; |
|
74 |
} |
|
75 |
|
|
29 | 76 |
/* (non-Javadoc) |
30 | 77 |
* @see eu.etaxonomy.cdm.persistence.hibernate.permission.voter.CdmPermissionVoter#isOrpahn(eu.etaxonomy.cdm.model.common.CdmBase) |
31 | 78 |
*/ |
32 | 79 |
@Override |
33 | 80 |
public boolean isOrpahn(CdmBase object) { |
34 |
// the permission to delete a SpecimenOrObservationBase is not granted on base of hierachical |
|
35 |
// permission propagation, therefore it is save to treat all entities as orphan. |
|
81 |
// we always return true here to allow deleting the reference |
|
36 | 82 |
return true; |
37 | 83 |
} |
38 | 84 |
|
Also available in: Unified diff
fix #7018 ref #7020 simple permission voter and authorities for SpecimenOrObservationBase implemented, more complex voter implementation postponed