Mercurial > lada > lada-server

annotate src/main/java/de/intevation/lada/util/auth/MessungIdAuthorizer.java @ 1028:1c41c7b8f7c2 schema-update

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Updated server application to new database model. THIS IS STILL WIP!!!
author Raimund Renkert <raimund.renkert@intevation.de>
date Fri, 08 Jul 2016 15:32:36 +0200
parents f5b4784d9173
children
rev   line source
849
d0a591b3eade Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents: 833
diff changeset
1 /* Copyright (C) 2013 by Bundesamt fuer Strahlenschutz
d0a591b3eade Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents: 833
diff changeset
2 * Software engineering by Intevation GmbH
d0a591b3eade Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents: 833
diff changeset
3 *
d0a591b3eade Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents: 833
diff changeset
4 * This file is Free Software under the GNU GPL (v>=3)
d0a591b3eade Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents: 833
diff changeset
5 * and comes with ABSOLUTELY NO WARRANTY! Check out
d0a591b3eade Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents: 833
diff changeset
6 * the documentation coming with IMIS-Labordaten-Application for details.
d0a591b3eade Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents: 833
diff changeset
7 */
833
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
8 package de.intevation.lada.util.auth;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
9
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
10 import java.lang.reflect.InvocationTargetException;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
11 import java.lang.reflect.Method;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
12 import java.util.ArrayList;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
13 import java.util.List;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
14
1028
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
15 import de.intevation.lada.model.land.Messung;
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
16 import de.intevation.lada.model.land.Probe;
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
17 import de.intevation.lada.model.land.StatusProtokoll;
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
18 import de.intevation.lada.model.stammdaten.MessStelle;
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
19 import de.intevation.lada.model.stammdaten.StatusKombi;
833
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
20 import de.intevation.lada.util.rest.RequestMethod;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
21 import de.intevation.lada.util.rest.Response;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
22
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
23 public class MessungIdAuthorizer extends BaseAuthorizer {
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
24
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
25 @Override
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
26 public <T> boolean isAuthorized(
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
27 Object data,
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
28 RequestMethod method,
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
29 UserInfo userInfo,
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
30 Class<T> clazz
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
31 ) {
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
32 Method m;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
33 try {
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
34 m = clazz.getMethod("getMessungsId");
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
35 } catch (NoSuchMethodException | SecurityException e1) {
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
36 return false;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
37 }
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
38 Integer id;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
39 try {
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
40 id = (Integer) m.invoke(data);
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
41 } catch (IllegalAccessException |
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
42 IllegalArgumentException |
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
43 InvocationTargetException e
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
44 ) {
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
45 return false;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
46 }
1028
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
47 Messung messung = repository.getByIdPlain(Messung.class, id, "land");
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
48 Probe probe = repository.getByIdPlain(
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
49 Probe.class,
833
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
50 messung.getProbeId(),
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
51 "land");
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
52 if (messung.getStatus() == null) {
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
53 return false;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
54 }
1028
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
55 StatusProtokoll status = repository.getByIdPlain(
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
56 StatusProtokoll.class,
833
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
57 messung.getStatus(),
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
58 "land");
1028
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
59 StatusKombi kombi = repository.getByIdPlain(
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
60 StatusKombi.class,
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
61 status.getStatusKombi(),
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
62 "stamm");
833
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
63 return (method == RequestMethod.POST ||
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
64 method == RequestMethod.PUT ||
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
65 method == RequestMethod.DELETE ||
1028
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
66 kombi.getStatusWert().getId() != 0) &&
833
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
67 getAuthorization(userInfo, probe);
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
68 }
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
69
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
70 @SuppressWarnings("unchecked")
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
71 @Override
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
72 public <T> Response filter(
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
73 Response data,
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
74 UserInfo userInfo,
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
75 Class<T> clazz
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
76 ) {
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
77 if (data.getData() instanceof List<?>) {
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
78 List<Object> objects = new ArrayList<Object>();
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
79 for (Object object :(List<Object>)data.getData()) {
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
80 objects.add(setAuthData(userInfo, object, clazz));
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
81 }
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
82 data.setData(objects);
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
83 }
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
84 else {
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
85 Object object = data.getData();
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
86 data.setData(setAuthData(userInfo, object, clazz));
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
87 }
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
88 return data;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
89 }
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
90
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
91 /**
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
92 * Authorize a single data object that has a messungsId Attribute.
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
93 *
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
94 * @param userInfo The user information.
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
95 * @param data The Response object containing the data.
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
96 * @param clazz The data object class.
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
97 * @return A Response object containing the data.
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
98 */
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
99 private <T> Object setAuthData(
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
100 UserInfo userInfo,
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
101 Object data,
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
102 Class<T> clazz
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
103 ) {
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
104 try {
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
105 Method getMessungsId = clazz.getMethod("getMessungsId");
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
106 Integer id = (Integer)getMessungsId.invoke(data);
1028
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
107 Messung messung = repository.getByIdPlain(
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
108 Messung.class,
833
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
109 id,
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
110 "land");
1028
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
111 Probe probe = repository.getByIdPlain(
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
112 Probe.class,
833
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
113 messung.getProbeId(),
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
114 "land");
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
115
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
116 boolean readOnly = true;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
117 boolean owner = false;
1028
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
118 MessStelle mst = repository.getByIdPlain(MessStelle.class, probe.getMstId(), "stamm");
833
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
119 if (!userInfo.getNetzbetreiber().contains(
1028
1c41c7b8f7c2 Updated server application to new database model. THIS IS STILL WIP!!!
Raimund Renkert <raimund.renkert@intevation.de>
parents: 894
diff changeset
120 mst.getNetzbetreiberId())) {
833
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
121 owner = false;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
122 readOnly = true;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
123 }
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
124 else {
894
f5b4784d9173 Load probe attribute 'laborMstId' from db and use this field to authorize
Raimund Renkert <raimund.renkert@intevation.de>
parents: 849
diff changeset
125 if (userInfo.belongsTo(probe.getMstId(), probe.getLaborMstId())) {
833
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
126 owner = true;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
127 }
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
128 else {
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
129 owner = false;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
130 }
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
131 readOnly = this.isMessungReadOnly(messung.getId());
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
132 }
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
133
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
134 Method setOwner = clazz.getMethod("setOwner", boolean.class);
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
135 Method setReadonly = clazz.getMethod("setReadonly", boolean.class);
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
136 setOwner.invoke(data, owner);
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
137 setReadonly.invoke(data, readOnly);
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
138 } catch (NoSuchMethodException | SecurityException
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
139 | IllegalAccessException | IllegalArgumentException
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
140 | InvocationTargetException e) {
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
141 return null;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
142 }
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
143 return data;
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
144 }
fa922101a462 Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff changeset
145 }
This site is hosted by Intevation GmbH (Datenschutzerklärung und Impressum | Privacy Policy and Imprint)