Revision f0aad502
Added by Andreas Kohlbecker over 6 years ago
cdmlib-persistence/src/main/java/eu/etaxonomy/cdm/persistence/hibernate/permission/CdmAuthority.java | ||
---|---|---|
75 | 75 |
// Making sure that operation is always initialized, for both |
76 | 76 |
// - the string representation to have a '[]' |
77 | 77 |
// - and the object representation to never be null (with check in constructors) |
78 |
EnumSet<CRUD> operation = EnumSet.noneOf(CRUD.class);;
|
|
78 |
EnumSet<CRUD> operation = EnumSet.noneOf(CRUD.class); |
|
79 | 79 |
UUID targetUuid; |
80 | 80 |
|
81 |
public CdmAuthority(CdmBase targetDomainObject, EnumSet<CRUD> operation, UUID uuid){
|
|
81 |
public CdmAuthority(CdmBase targetDomainObject, EnumSet<CRUD> operation){ |
|
82 | 82 |
this.permissionClass = CdmPermissionClass.getValueOf(targetDomainObject); |
83 | 83 |
this.property = null; |
84 | 84 |
if(operation != null) { |
85 | 85 |
this.operation = operation; |
86 | 86 |
} |
87 |
this.targetUuid = uuid; |
|
87 |
if(targetDomainObject.getUuid() == null){ |
|
88 |
throw new NullPointerException("UUID of targetDomainObject is null. CDM entities need to be saved prior using this function"); |
|
89 |
} |
|
90 |
this.targetUuid = targetDomainObject.getUuid(); |
|
88 | 91 |
} |
89 | 92 |
|
90 | 93 |
public CdmAuthority(CdmBase targetDomainObject, String property, EnumSet<CRUD> operation, UUID uuid){ |
... | ... | |
96 | 99 |
this.targetUuid = uuid; |
97 | 100 |
} |
98 | 101 |
|
102 |
public CdmAuthority(Class<? extends CdmBase> targetDomainType, String property, EnumSet<CRUD> operation, UUID uuid){ |
|
103 |
this.permissionClass = CdmPermissionClass.getValueOf(targetDomainType); |
|
104 |
this.property = property; |
|
105 |
if(operation != null) { |
|
106 |
this.operation = operation; |
|
107 |
} |
|
108 |
this.targetUuid = uuid; |
|
109 |
} |
|
110 |
|
|
99 | 111 |
|
100 | 112 |
public CdmAuthority(CdmPermissionClass permissionClass, String property, EnumSet<CRUD> operation, UUID uuid){ |
101 | 113 |
this.permissionClass = permissionClass; |
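Review bot: The new two-argument constructor calls `CdmPermissionClass.getValueOf(targetDomainObject)` and `targetDomainObject.getUuid()` before anything checks that `targetDomainObject` itself is non-null, so a null entity surfaces as an unlabelled NullPointerException rather than the explanatory message written for the missing-UUID case. Because `CdmPermissionEvaluator.authorityRequiredFor` no longer catches that exception in this commit, a permission check on an unsaved or null entity now ends in an exception instead of a decision. A leading guard such as `if (targetDomainObject == null) { throw new IllegalArgumentException("targetDomainObject must not be null"); }` plus a Javadoc `@throws` line would make that contract explicit; whether `getValueOf` tolerates null is not visible here. The constructor also keeps the caller's `EnumSet` by reference (`this.operation = operation;`), so the caller can alter the authority's operations after construction; `this.operation = EnumSet.copyOf(operation);` would prevent that.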
cdmlib-persistence/src/main/java/eu/etaxonomy/cdm/persistence/hibernate/permission/CdmPermissionEvaluator.java | ||
---|---|---|
62 | 62 |
public boolean hasPermission(Authentication authentication, Object targetDomainObject, Object permission) { |
63 | 63 |
|
64 | 64 |
|
65 |
CdmAuthority evalPermission; |
|
66 | 65 |
EnumSet<CRUD> requiredOperation = null; |
67 | 66 |
|
68 |
if(authentication == null) { |
|
69 |
return false; |
|
70 |
} |
|
67 |
CdmBase cdmEntitiy = (CdmBase)targetDomainObject; |
|
71 | 68 |
|
72 | 69 |
if(logger.isDebugEnabled()){ |
73 |
String targteDomainObjText = " Object: " + (targetDomainObject == null? "null":((CdmBase)targetDomainObject).instanceToString());
|
|
70 |
String targteDomainObjText = " Object: " + (targetDomainObject == null? "null":cdmEntitiy.instanceToString());
|
|
74 | 71 |
logUserAndRequirement(authentication, permission.toString(), targteDomainObjText); |
75 | 72 |
} |
76 | 73 |
try { |
... | ... | |
78 | 75 |
|
79 | 76 |
} catch (IllegalArgumentException e) { |
80 | 77 |
logger.debug("permission string '"+ permission.toString() + "' not parsable => true"); |
81 |
return true; // FIXME it might be wrong to return true
|
|
78 |
return false;
|
|
82 | 79 |
} |
83 | 80 |
|
84 |
evalPermission = authorityRequiredFor((CdmBase)targetDomainObject, requiredOperation); |
|
81 |
return hasPermission(authentication, cdmEntitiy, requiredOperation); |
|
82 |
|
|
83 |
} |
|
84 |
|
|
85 |
/** |
|
86 |
* @param authentication |
|
87 |
* @param targetDomainObject |
|
88 |
* @param requiredOperation |
|
89 |
* @return |
|
90 |
*/ |
|
91 |
@Override |
|
92 |
public boolean hasPermission(Authentication authentication, CdmBase targetDomainObject, EnumSet<CRUD> requiredOperation) { |
|
93 |
|
|
94 |
if(authentication == null) { |
|
95 |
return false; |
|
96 |
} |
|
97 |
|
|
98 |
CdmAuthority evalPermission = authorityRequiredFor(targetDomainObject, requiredOperation); |
|
85 | 99 |
|
86 | 100 |
if (evalPermission.permissionClass != null) { |
87 | 101 |
logger.debug("starting evaluation => ..."); |
88 |
return evalPermission(authentication, evalPermission, (CdmBase) targetDomainObject);
|
|
102 |
return evalPermission(authentication, evalPermission, targetDomainObject); |
|
89 | 103 |
}else{ |
90 | 104 |
logger.debug("skipping evaluation => true"); |
91 | 105 |
return true; |
92 | 106 |
} |
93 |
|
|
94 | 107 |
} |
95 | 108 |
|
96 | 109 |
|
... | ... | |
165 | 178 |
* @return |
166 | 179 |
*/ |
167 | 180 |
private CdmAuthority authorityRequiredFor(CdmBase targetEntity, EnumSet<CRUD> requiredOperation) { |
168 |
CdmAuthority evalPermission; |
|
169 |
try{ |
|
170 |
//evalPermission = new CdmAuthority(targetDomainObject.getClass().getSimpleName().toUpperCase(), cdmPermission, (targetDomainObject).getUuid()); |
|
171 |
evalPermission = new CdmAuthority(targetEntity, requiredOperation, (targetEntity).getUuid()); |
|
172 |
}catch(NullPointerException e){ |
|
173 |
// TODO document where the NPE is coming from |
|
174 |
|
|
175 |
//evalPermission = new CdmAuthority(targetDomainObject.getClass().getSimpleName().toUpperCase(), cdmPermission, null); |
|
176 |
evalPermission = new CdmAuthority(targetEntity, requiredOperation, null); |
|
177 |
} |
|
181 |
CdmAuthority evalPermission = new CdmAuthority(targetEntity, requiredOperation); |
|
178 | 182 |
return evalPermission; |
179 | 183 |
} |
180 | 184 |
|
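Review bot: The catch block for an unparsable permission string now returns false, but the debug message on the line above it still ends in `not parsable => true`, so the log records the opposite of the decision that was made; it should read `"' not parsable => false"`. The `authentication == null` guard has moved into the new `hasPermission(Authentication, CdmBase, EnumSet<CRUD>)` overload, so the debug branch of the Object overload calls `logUserAndRequirement(authentication, ...)` before any null check. That helper is not visible here, so confirm it tolerates a null authentication or keep the guard at the top of both overloads. The new overload also still answers `true` from the `skipping evaluation => true` branch when `evalPermission.permissionClass` is null, which deserves a comment explaining why an unmapped entity type is allowed rather than denied.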
cdmlib-persistence/src/main/java/eu/etaxonomy/cdm/persistence/hibernate/permission/ICdmPermissionEvaluator.java | ||
---|---|---|
27 | 27 |
public <T extends CdmBase> boolean hasPermission(Authentication authentication, Class<T> targetDomainObjectClass, |
28 | 28 |
EnumSet<CRUD> requiredOperations); |
29 | 29 |
|
30 |
boolean hasPermission(Authentication authentication, CdmBase targetDomainObject, EnumSet<CRUD> requiredOperation); |
|
31 |
|
|
30 | 32 |
} |
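Review bot: The new `hasPermission(Authentication, CdmBase, EnumSet<CRUD>)` declaration has no Javadoc, and the implementation added in this commit carries only empty `@param`/`@return` tags, so nothing tells callers how the method decides. The interface comment should state that a null `authentication` yields `false` and that an entity without a UUID makes the `CdmAuthority` constructor throw a NullPointerException, since both behaviours are visible in this commit. The declaration also omits the `public` modifier used on the method above it; the modifier is redundant in an interface, but the two declarations should match.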
refactoring CdmPermissionEvaluator and CdmAuthority for a more comprehensible API