Revision daf9013d
Added by Katja Luther over 12 years ago
cdmlib-persistence/src/main/java/eu/etaxonomy/cdm/persistence/hibernate/SaveEntityListener.java | ||
---|---|---|
15 | 15 |
import org.hibernate.event.SaveOrUpdateEventListener; |
16 | 16 |
import org.joda.time.DateTime; |
17 | 17 |
import org.springframework.security.core.Authentication; |
18 |
import org.springframework.security.core.GrantedAuthority; |
|
18 | 19 |
import org.springframework.security.core.context.SecurityContextHolder; |
19 | 20 |
|
21 |
import eu.etaxonomy.cdm.database.EvaluationFailedException; |
|
20 | 22 |
import eu.etaxonomy.cdm.model.common.ICdmBase; |
21 | 23 |
import eu.etaxonomy.cdm.model.common.User; |
24 |
import eu.etaxonomy.cdm.permission.AuthorityPermission; |
|
25 |
import eu.etaxonomy.cdm.permission.CdmPermission; |
|
26 |
import eu.etaxonomy.cdm.permission.CdmPermissionEvaluator; |
|
22 | 27 |
|
23 | 28 |
public class SaveEntityListener implements SaveOrUpdateEventListener { |
24 | 29 |
private static final long serialVersionUID = -4295612947856041686L; |
... | ... | |
27 | 32 |
|
28 | 33 |
public void onSaveOrUpdate(SaveOrUpdateEvent event) throws HibernateException { |
29 | 34 |
Object entity = event.getObject(); |
35 |
|
|
30 | 36 |
if (entity != null){ |
31 | 37 |
Class<?> entityClazz = entity.getClass(); |
32 | 38 |
if(ICdmBase.class.isAssignableFrom(entityClazz)) { |
... | ... | |
36 | 42 |
if(authentication != null && authentication.getPrincipal() != null && authentication.getPrincipal() instanceof User) { |
37 | 43 |
User user = (User)authentication.getPrincipal(); |
38 | 44 |
cdmBase.setCreatedBy(user); |
45 |
CdmPermissionEvaluator permissionEvaluator = new CdmPermissionEvaluator(); |
|
46 |
if (!permissionEvaluator.hasPermission(SecurityContextHolder.getContext().getAuthentication(), entity, CdmPermission.CREATE)){ |
|
47 |
throw new EvaluationFailedException("Permission evaluation failed for " + event.getEntity()); |
|
48 |
} |
|
49 |
|
|
39 | 50 |
} |
40 | 51 |
} |
41 | 52 |
} |
Also available in: Unified diff